Extracted

• • Target

    8002fd29cc59104db90643f6559bda9b8aad0ed5ea2b4d915ce5cb33d16c459c.bin

  • Size

    760KB

  • MD5

    4a288df4b49dacb4f6d91efb88270edc

  • SHA1

    0cae846eeb9ff16c5525671ec66a23a40fbf2820

  • SHA256

    8002fd29cc59104db90643f6559bda9b8aad0ed5ea2b4d915ce5cb33d16c459c

  • SHA512

    8a42fa6b87214ac2fbde1b7f11b4c722628d9249e375c438e5d28d91b6a02b7f37afcc168a3a9d3dbc715f6bebacaa5605249c5cd2b50cfaac5f8ed34d8d6937

  • SSDEEP

    12288:EBOVdtUIFa1a8LzeF2tgyRRO5WmpYshXZPbGwidNpgjz:EcTt3a1ameF7yRRO5WmD9idNpA

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3