Extracted

• • Target

    431d0959eb69cc2c63c7c5af1b9170dcbecd09f8a42e980c3a87f53ba8eef6b4.bin

  • Size

    760KB

  • MD5

    16b05ca6a326611e01c6403983f7f4b7

  • SHA1

    f542d336fe32bba7daca470067fab65f4ed1afc8

  • SHA256

    431d0959eb69cc2c63c7c5af1b9170dcbecd09f8a42e980c3a87f53ba8eef6b4

  • SHA512

    0996a62fc8bc9154f4f1d12e7f3f835f0503c40b8aa04e308c0cc93e12286b22caed3c2b7fd1d26ea2c7e90eda21e8ac201554e201504d0b8bce49876ec0923e

  • SSDEEP

    12288:Ic4hlAa1a8LVeZvlzdK2E5WmpYshXZPbGwidNpg/:Ic4oa1aKeZJdK2E5WmD9idNpg

  Score

  7^/10

  bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3