Extracted

• • Target

    59f554d6222f027a3cb4df6d37b90189e307d643c0e79219869468756eb9951f.bin

  • Size

    792KB

  • MD5

    d65eaa5a070af1ea7572ee646187f145

  • SHA1

    cd28a0b617a072012002f6c62dce9dfbf07b611d

  • SHA256

    59f554d6222f027a3cb4df6d37b90189e307d643c0e79219869468756eb9951f

  • SHA512

    288f81a41c85ea5cafd980e6363f1e60b4daaeb1e01d5b2f18d655c15c97ddee7972ec7617cd2c54c8e930ca4f106664b6a389616e6ffc8b7877910c93aba295

  • SSDEEP

    12288:oMgfa1a8LdeC+RB0yJ+0T6Wk5WmpYshXZPbGwidNpgfe:oxa1a6eC+RBrJHT6Wk5WmD9idNp5

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3