Extracted

• • Target

    486d6a713d8c907df70a919729ac685328ab91a8977c2e352165640c4bd4d507.apk

  • Size

    3.7MB

  • MD5

    cee4b1fae8a45502d106a200593a9125

  • SHA1

    627ef79b459b7e4c001ec298e7fae9f82f16fc97

  • SHA256

    486d6a713d8c907df70a919729ac685328ab91a8977c2e352165640c4bd4d507

  • SHA512

    8ce3d4580af1855f39bc4714490731ff4414b0d425dacfc64055b1fd0618495149d148fdcdcfab66c47542d63ab0c7af80a056a8f3faf506b5e0899526bd8087

  • SSDEEP

    98304:S6YFtCZdYrO7+d00Vs18LnORE/TRZWT1wS/j3uoz:S6QCzYrOw00ayTPLTWT/5

  Score

  10^/10

  oscorp5884jaanhebankercollectioncredential_accessdefense_evasionevasionimpactinfostealerratstealthtrojan

  • Oscorp

    Oscorp is an Android stealer that targets multiple financial information first seen in Feb 2021.

    trojaninfostealerratbankeroscorp

  • Oscorp family

    oscorp

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectiondefense_evasioncredential_access

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Requests enabling of the accessibility settings.

  behavioral1