General

  • Target

    a23d94671ca419c20c7621ffea0380863bdaf73014114357fc0c92a567da3cd1.bin

  • Size

    788KB

  • Sample

    250330-1xefmaxxfw

  • MD5

    9a4a80b973b477782f94a0773b7a9fa0

  • SHA1

    ac29704ac6b9f983aa42393934e66ad1f06a7b56

  • SHA256

    a23d94671ca419c20c7621ffea0380863bdaf73014114357fc0c92a567da3cd1

  • SHA512

    caf3a028f1e349ba91e287af24578b095b1168a24f5868861325935f60b9d49d65e7e9b5e9c178e9f13c87a6c78c69d581c0377feb5c19f9d8b85fd168fa35f7

  • SSDEEP

    12288:29ubWZlxi2odwvi/RwncvOmyarxefeGVL7J6sgRJLT9hb/yRt:29ubsPgw6ucvZyaNefeGtJ6scLTHT0

Malware Config

Extracted

  • Family

    spynote

  • C2

    xd2006xdtg17-61169.portmap.host:38913

Targets

    • Target

      a23d94671ca419c20c7621ffea0380863bdaf73014114357fc0c92a567da3cd1.bin

    • Queries the list of all applications installed on the device (commonly used to pick legitimate apps to overlay with phishing screens)

    • Uses the framework's foreground service for persistence

      The application may abuse a foreground service to keep itself running and resist being stopped by the system.

    • Requests that the user enable accessibility access for the app in the Accessibility settings.
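The indicators in this report (the four file digests, the ssdeep signature and the extracted SpyNote C2) are what a responder would feed into hunting. The following is an added example, not part of the sandbox report or of any vendor tooling: a small Python matcher that parses the C2 into host and port, splits the ssdeep signature into its block size and chunk hashes, compares observed file digests against the report's, and scans log lines for the C2 hostname. The log format, the sample log lines and all helper names are constructed for illustration. The parent domain portmap.host belongs to a hosted port-forwarding service, so a different subdomain under it is reported only as a "review" signal, not as a match for this sample.

```python
"""Match the report's SpyNote indicators against file digests and log lines.

Added example, not from the sandbox report. The indicator values below are
copied from the report; the log format, sample lines and helper names are
constructed for illustration.
"""
import hashlib
import re
from typing import Iterable

# Indicators copied verbatim from the report.
IOC_HASHES = {
    "md5": "9a4a80b973b477782f94a0773b7a9fa0",
    "sha1": "ac29704ac6b9f983aa42393934e66ad1f06a7b56",
    "sha256": "a23d94671ca419c20c7621ffea0380863bdaf73014114357fc0c92a567da3cd1",
    "sha512": (
        "caf3a028f1e349ba91e287af24578b095b1168a24f5868861325935f60b9d49d"
        "65e7e9b5e9c178e9f13c87a6c78c69d581c0377feb5c19f9d8b85fd168fa35f7"
    ),
}
C2 = "xd2006xdtg17-61169.portmap.host:38913"
SSDEEP = "12288:29ubWZlxi2odwvi/RwncvOmyarxefeGVL7J6sgRJLT9hb/yRt:29ubsPgw6ucvZyaNefeGtJ6scLTHT0"

# portmap.host names are issued by a hosted port-forwarding service, so a
# different subdomain is only worth a look, not a SpyNote match.
C2_PARENT = "portmap.host"


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'host:port' into (lowercased host, port); reject malformed input."""
    host, sep, port = c2.rpartition(":")
    if not sep or not host:
        raise ValueError(f"expected host:port, got {c2!r}")
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range: {port_num}")
    return host.lower(), port_num


def parse_ssdeep(sig: str) -> tuple[int, str, str]:
    """Split an ssdeep signature into (block size, chunk hash, double-block chunk hash)."""
    block, chunk, double_chunk = sig.split(":", 2)
    return int(block), chunk, double_chunk


def file_hashes(data: bytes) -> dict[str, str]:
    """Compute the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matching_algorithms(observed: dict[str, str]) -> list[str]:
    """Return the algorithms whose observed digest equals the report's (case-insensitive)."""
    return sorted(
        algo for algo, digest in observed.items()
        if algo in IOC_HASHES and digest.lower() == IOC_HASHES[algo]
    )


# Constructed log shapes: '<ts> dns query=<name> ...' and '<ts> conn <src> -> <host>:<port> ...'
_QUERY = re.compile(r"\bquery=(?P<name>[A-Za-z0-9.-]+)")
_CONN = re.compile(r"->\s*(?P<host>[A-Za-z0-9.-]+):(?P<port>\d+)")


def scan_log(lines: Iterable[str]) -> list[tuple[int, str, str]]:
    """Return (line number, severity, indicator) for lines touching the C2 or its parent domain.

    'high'   : the exact C2 hostname, with the destination port when the line has one.
    'review' : another *.portmap.host name; the service is legitimate, so this is not a match.
    """
    c2_host, _ = parse_c2(C2)
    hits = []
    for n, line in enumerate(lines, 1):
        m = _QUERY.search(line) or _CONN.search(line)
        if not m:
            continue
        groups = m.groupdict()
        name = (groups.get("name") or groups.get("host")).lower().rstrip(".")
        port = groups.get("port")
        if name == c2_host:
            hits.append((n, "high", f"{name}:{port}" if port else name))
        elif name == C2_PARENT or name.endswith("." + C2_PARENT):
            hits.append((n, "review", name))
    return hits


# Constructed sample log lines (not real traffic): one DNS lookup of the C2, one
# connection to it on the reported port, one benign lookup, one unrelated portmap.host name.
SAMPLE_LOG = """\
2025-03-30T10:01:02Z dns query=xd2006xdtg17-61169.portmap.host type=A client=10.0.0.12
2025-03-30T10:01:03Z conn 10.0.0.12:41022 -> xd2006xdtg17-61169.portmap.host:38913 proto=tcp
2025-03-30T10:02:00Z dns query=updates.example.com type=A client=10.0.0.12
2025-03-30T10:03:10Z dns query=dev-laptop-22113.portmap.host type=A client=10.0.0.7
""".splitlines()


if __name__ == "__main__":
    block, chunk, double_chunk = parse_ssdeep(SSDEEP)
    print(f"ssdeep block size {block}, chunk hashes {len(chunk)}/{len(double_chunk)} chars")
    for line_no, severity, indicator in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {severity:6} {indicator}")
```

Feed `scan_log` real DNS or proxy logs after adapting the two regexes to your log format; feed `matching_algorithms(file_hashes(path.read_bytes()))` to confirm a suspect APK is this sample rather than a repacked variant (a repack changes every digest, which is exactly where the ssdeep signature, compared with the ssdeep tool itself, becomes useful).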
