Extracted

• • Target

    085ecdbc26e753f303c76efb4150d2d8b03dba6e6c3c87f42fbcd91d32d640aa.bin

  • Size

    816KB

  • MD5

    c86122be0dc05312aecc99fa67038dfd

  • SHA1

    f3bbd333974cc71dadfe1f2efa5bc6dd2a513fdf

  • SHA256

    085ecdbc26e753f303c76efb4150d2d8b03dba6e6c3c87f42fbcd91d32d640aa

  • SHA512

    6e3490b0bef477c481cc74d84b8efc94bf6f4d44f349d54fb06748aff50c509251c69b14c8315f39b9518c1a4de80f307e1a856cae2ee41e1f85b2a0037f10ad

  • SSDEEP

    12288:Q52/9mziH2PIwT/2FsCmUNIzXRF2HC62pC7pLRYLLLLJi+JvEchgsRczv0:Q52/9mz/wwTHCjNIzXiHfV8vEchfq0

  Score

  8^/10

  bankerdefense_evasiondiscoveryevasionpersistencestealthtrojan

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence
  behavioral1behavioral2behavioral3