General

  • Target

    df6a1e1bf009c126f277b59795339f40507185910af69212237e060a3f2d4ece.bin

  • Size

    885KB

  • Sample

    250212-1w2vjaynep

  • MD5

    4ee29dc7c21f73a922daa41f48b83e62

  • SHA1

    c32bb3bb2f2fd1a1c06c10e0420541d2acc08673

  • SHA256

    df6a1e1bf009c126f277b59795339f40507185910af69212237e060a3f2d4ece

  • SHA512

    ba9c64b1d2053941ec7dbe6c7910d15b73e5d51532f85966a2e787bcf22d56dca3d7a9e51ef05d40277554f7446762854df535fb600da13e98d6c26230b5e8b7

  • SSDEEP

    12288:Vtmjd3J6sgRwLzGLh8Y8tq3uFRO5Q1q5WmpYshXZPbGwidNpg2V:VcJ3J6sbLzGV0t1F51q5WmD9idNp1

Malware Config

Extracted

Family: spynote

C2: issues-sarah.gl.at.ply.gg:62963

Targets

    • Target

      df6a1e1bf009c126f277b59795339f40507185910af69212237e060a3f2d4ece.bin

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks