Extracted

• • Target

    dc6289e307a17b478eddf62a86a358fdeb1fb0c46c3dab3c2f441f55722deeb9.bin

  • Size

    760KB

  • MD5

    c33bc312c00609b2226d6268c12a5f74

  • SHA1

    5e7cf587f8320b82f17f350d3240a06d602f31aa

  • SHA256

    dc6289e307a17b478eddf62a86a358fdeb1fb0c46c3dab3c2f441f55722deeb9

  • SHA512

    277d95ba21efd5bd127283efa90211cf9de9336275e601fbc514a66bf3c512f65f3d666a34294e878b2b8b3b7269eb23ea6dd99078c22d03f54d0535693ef432

  • SSDEEP

    12288:8P56p1a1a8LdexxhGn8wC5WmpYshXZPbGwidNpgzl:8P5+a1a6exyn8wC5WmD9idNpu

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3