Extracted

• • Target

    74df1aea39d85d36492dec1891ff354b9685a0c6d5cc9ae7b8c213ef821979ee.bin

  • Size

    760KB

  • MD5

    92c2ceefc9b42275b539942fefefdd91

  • SHA1

    06f3807a40727a459d09310ebae70f7d9a66e9b0

  • SHA256

    74df1aea39d85d36492dec1891ff354b9685a0c6d5cc9ae7b8c213ef821979ee

  • SHA512

    db2e68cd5a34d10cc34dd24b7d1d9a30d95b09d07aa4155ac1ba6eaddae6b879ea9979aec17d89b90218736920925b6073e2d7be32e3a7310c59284d4db27c3f

  • SSDEEP

    12288:h4NvLxa1a8LVern/7HIIq5WmpYshXZPbGwidNpgwNg:h4da1aKerTHIIq5WmD9idNp+

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3