General

  • Target

    4dc084be529febc78b4cf0a44eb537d1c585539e57cec1e4d80adcc975bc01ec.bin

  • Size

    760KB

  • Sample

    250221-1y8e4a1mgx

  • MD5

    9e58be30ad23d7d29cdf6e59c1764f59

  • SHA1

    2e4c306b6a58ba42414faace03c4b73328cdc6e9

  • SHA256

    4dc084be529febc78b4cf0a44eb537d1c585539e57cec1e4d80adcc975bc01ec

  • SHA512

    01438391153c6713e397ff27d4983057c5cc9c84c956cc9b797f42534906558f17b2f57430c66a1dd6fdfb8553eaca2127a5ef0f3339b369ec614e773cc54fec

  • SSDEEP

    12288:XcLcWFa1a8LVe9NFUzXIu5WmpYshXZPbGwidNpgGKI:XcLLa1aKe9EzXIu5WmD9idNp9

Malware Config

Extracted

Family

spynote

C2

25.ip.gl.ply.gg:51065

Targets

    • Target

      4dc084be529febc78b4cf0a44eb537d1c585539e57cec1e4d80adcc975bc01ec.bin

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks