Extracted

• • Target

    2955d3b29478cfa7cef60cec968225d5541edd94ab4f08ba037843368d86806f

  • Size

    12.7MB

  • MD5

    198b09fea9e34251de6eb1970814cdf6

  • SHA1

    f430c95ce40aae9565008abe064f708bff63f295

  • SHA256

    2955d3b29478cfa7cef60cec968225d5541edd94ab4f08ba037843368d86806f

  • SHA512

    51d7eede38aeb80ab5f87ac25ed64421113a4be739076931cd92c37db138aecf8756d9dac2247c12cc2247c623bd87fe8272d85f4991da082ec45b005aacc4d8

  • SSDEEP

    393216:ipAM02+p7+IB2rhNumqYZz1xwPmLH+luHeFoDcJ6FSoRlK/a:ipAM02OuT3ZzzB7eV6A9a

  Score

  7^/10

  bankercollectioncredential_accessdefense_evasiondiscoveryevasionpersistenceimpact

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectiondefense_evasioncredential_access

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Acquires the wake lock

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Queries information about the current Wi-Fi connection

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery

  • Queries the mobile country code (MCC)

    discovery
  behavioral1behavioral2