General

  • Target

    492f7f40145e0c0870d50a84da9acad7c9613c427e24ddd1e9f707519179cd36.bin

  • Size

    757KB

  • Sample

    250126-1w9kdawkaw

  • MD5

    0d6eb34cacc613e925c7b22de502eb8c

  • SHA1

    818d31e3407cf36bc9654421dc4c08df9f386c85

  • SHA256

    492f7f40145e0c0870d50a84da9acad7c9613c427e24ddd1e9f707519179cd36

  • SHA512

    c3cecb2a6a3ec40f22b18b845093e5685fb0fd3a336f20185cb444df51fab1175ef70dd2c8e427fb73a9e1bd1b8ba3d6e2cd53e34a611220cf815de6602771e7

  • SSDEEP

    12288:wOEG9a1a8LzeQ6ylJDBVDI685WmpYshXZPbGwidNpgLW:NEka1ameqlJNVc685WmD9idNpB

Malware Config

Extracted

Family

spynote

C2

a-protecting.gl.at.ply.gg:33977

Targets

    • Target

      492f7f40145e0c0870d50a84da9acad7c9613c427e24ddd1e9f707519179cd36.bin


    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks