General

  • Target

    d6d6edb2db197c0dc749bcc8036b8711bf2e4a6aec7f8da10a130a775fd18e9f.bin

  • Size

    760KB

  • Sample

    250203-1ym46avnay

  • MD5

    33af5bb97ebc1c9c3897b9da57e4a1ec

  • SHA1

    da6478b78540f7288feb0152364affd372b0224e

  • SHA256

    d6d6edb2db197c0dc749bcc8036b8711bf2e4a6aec7f8da10a130a775fd18e9f

  • SHA512

    e49bf9675d90c50914c28c5edd2cef33a33585cb635f137b2a4a9b060f57172223ee09f992855d6b54dfbffa94cb7e443520ec271fa3df2f1efe5b93df5c6c14

  • SSDEEP

    12288:LdQrUa1a8LzePFsePb7l5k5WmpYshXZPbGwidNpgzO:LEUa1amePBPPl5k5WmD9idNp9

Malware Config

Extracted

Family

spynote

C2

gii-55854.portmap.host:55854
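The C2 above is a host:port on portmap.host, a port-forwarding service, so the hostname and the port are the only network indicators this report provides; the address the host resolved to during the run is not on the page. The hunt script below is an added example, not part of the sandbox report: it takes the C2 string from this section and the hashes from the General section, and runs them over constructed DNS and connection log lines in a made-up two-regex format (assumption: you would swap the regexes for your own log shape, and the `RESOLVED` address set is assumed to come from your passive DNS for the window you are searching).

```python
"""Hunt for the SpyNote indicators in the report above.

The C2 string and the file hashes are copied from the report. The log line
formats, the sample log lines and the RESOLVED address set are constructed
for this example; none of them are sandbox output.
"""
import hashlib
import re
from dataclasses import dataclass

C2 = "gii-55854.portmap.host:55854"
IOC_HASHES = {
    "md5": "33af5bb97ebc1c9c3897b9da57e4a1ec",
    "sha1": "da6478b78540f7288feb0152364affd372b0224e",
    "sha256": "d6d6edb2db197c0dc749bcc8036b8711bf2e4a6aec7f8da10a130a775fd18e9f",
}


@dataclass(frozen=True)
class Hit:
    line_no: int
    rule: str
    line: str


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'host:port'. rpartition still works if the host is an IPv6 literal."""
    host, sep, port = c2.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"expected host:port, got {c2!r}")
    return host.lower().rstrip("."), int(port)


C2_HOST, C2_PORT = parse_c2(C2)
# The sample tunnels through a port-forwarding service. Its parent zone is a
# weaker signal than the exact host (other customers use the same zone), so
# zone matches are reported under their own rule name.
FORWARDER_ZONE = C2_HOST.split(".", 1)[1]

# Constructed formats: "<ts> <client> <qtype> <qname>" and "<ts> <src> -> <dst>:<dport>".
DNS_RE = re.compile(r"^(\S+) (\S+) ([A-Z]+) (\S+)$")
CONN_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+)$")


def scan_dns(lines: list[str]) -> list[Hit]:
    """Flag resolutions of the exact C2 host, and of anything under its zone."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = DNS_RE.match(line.strip())
        if not m:
            continue
        qname = m.group(4).lower().rstrip(".")
        if qname == C2_HOST:
            hits.append(Hit(n, "spynote_c2_host", line))
        elif qname == FORWARDER_ZONE or qname.endswith("." + FORWARDER_ZONE):
            hits.append(Hit(n, "portmap_host_zone", line))
    return hits


def scan_conn(lines: list[str], resolved: set[str]) -> list[Hit]:
    """Flag connections to the C2 port. A match on port alone, to an address
    not in `resolved`, is reported separately because it is a weak signal."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = CONN_RE.match(line.strip())
        if not m:
            continue
        dst, dport = m.group(3), int(m.group(4))
        if dport != C2_PORT:
            continue
        rule = "spynote_c2_connection" if dst in resolved else "c2_port_only"
        hits.append(Hit(n, rule, line))
    return hits


def hash_match(data: bytes) -> list[str]:
    """Return the names of the report digests that `data` matches."""
    return [name for name, want in IOC_HASHES.items()
            if hashlib.new(name, data).hexdigest() == want]


# Constructed sample logs; 203.0.113.0/24 is documentation address space.
DNS_LOG = [
    "2025-02-03T19:40:01Z 10.0.5.21 A gii-55854.portmap.host",
    "2025-02-03T19:40:02Z 10.0.5.22 A updates.example.com",
    "2025-02-03T19:41:09Z 10.0.5.30 A other-1234.portmap.host.",
]
CONN_LOG = [
    "2025-02-03T19:40:03Z 10.0.5.21 -> 203.0.113.10:55854",
    "2025-02-03T19:40:04Z 10.0.5.22 -> 203.0.113.99:443",
    "2025-02-03T19:42:00Z 10.0.5.40 -> 203.0.113.50:55854",
]
RESOLVED = {"203.0.113.10"}  # constructed; take this from passive DNS in practice

if __name__ == "__main__":
    for hit in scan_dns(DNS_LOG) + scan_conn(CONN_LOG, RESOLVED):
        print(f"{hit.rule:24} line {hit.line_no}: {hit.line}")
```

Treat the zone and port-only rules as pivots for investigation rather than verdicts: the forwarding zone is shared with legitimate users, and a port number on its own says little. The exact-host and resolved-address matches are the ones worth paging on.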

Targets

    • Target

      d6d6edb2db197c0dc749bcc8036b8711bf2e4a6aec7f8da10a130a775fd18e9f.bin

    • Queries the list of all installed applications on the device (may be used to choose legitimate apps to overlay)

    • Uses an Android foreground service for persistence

      The application may abuse a foreground service to keep its process alive and avoid being killed when it is no longer visible to the user.

    • Requests that the user enable accessibility for it (typically by opening the system accessibility settings so its accessibility service can be switched on)
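The three signatures above are runtime observations from the sandbox. Before detonating an APK, the same behaviours usually show up as declarations in its manifest: a service bound with BIND_ACCESSIBILITY_SERVICE, the FOREGROUND_SERVICE permission (plus the typed FOREGROUND_SERVICE_* permissions and foregroundServiceType on API 34 and later), and QUERY_ALL_PACKAGES or a <queries> element for package enumeration. The checker below is an added example, not part of the report: it parses a decoded AndroidManifest.xml (the text form produced by apktool or androguard, which is an assumed pre-processing step) and lists those declarations. Both manifests it runs on are constructed for the example; the real sample's manifest is not on this page.

```python
"""Static pre-check for the three behaviours the report flags.

Added example, not sandbox output: parse a decoded AndroidManifest.xml and
list the declarations that usually accompany accessibility abuse,
foreground-service persistence and installed-app enumeration. Both manifests
at the bottom are constructed for this example.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def android(attr: str) -> str:
    """Key for an android:-namespaced attribute as ElementTree stores it."""
    return f"{{{ANDROID_NS}}}{attr}"


# Manifest-level indicators for each behaviour in the report.
ACCESSIBILITY_PERM = "android.permission.BIND_ACCESSIBILITY_SERVICE"
ACCESSIBILITY_ACTION = "android.accessibilityservice.AccessibilityService"
FGS_PERM_PREFIX = "android.permission.FOREGROUND_SERVICE"  # plus the API 34 typed variants
QUERY_ALL = "android.permission.QUERY_ALL_PACKAGES"        # API 30+; older targets need no permission


def manifest_findings(xml_text: str) -> dict[str, list[str]]:
    """Return, per behaviour, the manifest declarations that support it."""
    root = ET.fromstring(xml_text)
    findings: dict[str, list[str]] = {
        "accessibility": [], "foreground_service": [], "package_enumeration": []}

    for svc in root.iter("service"):
        name = svc.get(android("name"), "?")
        if svc.get(android("permission")) == ACCESSIBILITY_PERM:
            findings["accessibility"].append(f"{name}: bound with {ACCESSIBILITY_PERM}")
        if any(a.get(android("name")) == ACCESSIBILITY_ACTION for a in svc.iter("action")):
            findings["accessibility"].append(f"{name}: filters {ACCESSIBILITY_ACTION}")
        fstype = svc.get(android("foregroundServiceType"))
        if fstype:
            findings["foreground_service"].append(f"{name}: foregroundServiceType={fstype}")

    perms = sorted(p.get(android("name"), "") for p in root.iter("uses-permission"))
    for perm in perms:
        if perm.startswith(FGS_PERM_PREFIX):
            findings["foreground_service"].append(f"permission {perm}")
        if perm == QUERY_ALL:
            findings["package_enumeration"].append(f"permission {perm}")
    if root.find("queries") is not None:
        findings["package_enumeration"].append("<queries> element declares package visibility")
    return findings


def flagged(findings: dict[str, list[str]]) -> set[str]:
    """Behaviours with at least one supporting declaration."""
    return {behaviour for behaviour, items in findings.items() if items}


# Constructed manifests (not the sample's).
SUSPICIOUS_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE_DATA_SYNC"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <application android:label="Update">
    <service android:name=".A11yService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"
             android:exported="true">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
    <service android:name=".KeepAlive" android:foregroundServiceType="dataSync"/>
  </application>
</manifest>"""

BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.benign">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes">
    <activity android:name=".MainActivity" android:exported="true"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    for label, text in (("suspicious", SUSPICIOUS_MANIFEST), ("benign", BENIGN_MANIFEST)):
        result = manifest_findings(text)
        print(f"{label}: flagged={sorted(flagged(result))}")
        for behaviour, items in result.items():
            for item in items:
                print(f"  [{behaviour}] {item}")
```

The manifest only shows what the app is allowed to do; the report's "requests enabling of accessibility" and "queries installed applications" are things the sandbox saw it do. Absence of QUERY_ALL_PACKAGES is not exoneration either, because an app targeting API 29 or lower can enumerate packages without it, so use this as a triage filter before dynamic analysis, not instead of it.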
