Extracted

• • Target

    0779e7a67ab89e29ad3bd77beb12853f788218ff239149e256af69a5d0f4f9ab.bin

  • Size

    760KB

  • MD5

    2e3324fe2ba530b27125cf55de1c1c6f

  • SHA1

    d70b6be667d54ccaf2d6d94ea2d9c20c5ac3ceff

  • SHA256

    0779e7a67ab89e29ad3bd77beb12853f788218ff239149e256af69a5d0f4f9ab

  • SHA512

    9d28eb2c9d53cbcd3a63d9878912d3dba36c55299e3aa2be5d2a9bacd63e50c7c7dff019f16e80c63ea9030b1dacf8a3ad37779563d53f238dc87b731caebcc6

  • SSDEEP

    12288:2vdBxa1a8LrewV+0QQtN5WmpYshXZPbGwidNpgQSz:2vFa1a2ewdQQtN5WmD9idNpu

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3