Extracted

• • Target

    e150184e76ef3742a8c9300b8d2585e4bf1f77046e0a0b662a2d89357914f52e.bin

  • Size

    807KB

  • MD5

    04997458dec372e59dfe505e25a14130

  • SHA1

    9df4db4487c5d6cfff161cf38e72229c1bed1b0b

  • SHA256

    e150184e76ef3742a8c9300b8d2585e4bf1f77046e0a0b662a2d89357914f52e

  • SHA512

    b3b11f4a7d4a7add6c1a8d42d44aa6d8a40272e1c183d8b06e8331dddd3003149de5ba30e734e64b81573182705dcb2255d080eb03d5b50e353b1b3cea772aa6

  • SSDEEP

    12288:FvCEa1a8LVe+xXzvLiQ6cTHXv5WmpYshXZPbGwidNpgdS:FKEa1aKegXzjiQ66Xv5WmD9idNp3

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3