flubot | c0a562759f136fc761fc23b299aadba8b4a96d4802adff067cd2e6c3461d68c1 | Triage

Submit
Reports

Overview

overview

Static

static

8

Android APK

android_x64

Sharing

General

Target

1.apk
Size

3.8MB
Sample

210611-4ytsssfc4s
MD5

af10d88e77b84853582d76352f5155dd
SHA1

484239200a2927b23c1b9706607b34a7fa26ee34
SHA256

c0a562759f136fc761fc23b299aadba8b4a96d4802adff067cd2e6c3461d68c1
SHA512

be1b10d848574c7e1c63585394e2e5f0f2b50e6481b205c68f6b34356e40001fc07767f09161cad6121d4f95adcfe95b5647d1a1e273eb995b9055d7130daf0f

Score

10^/10

flubot android banker infostealer obfuscation ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

1.apk

Resource

android-x64

flubot banker infostealer obfuscation ransomware trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1.apk
- Size
  
  3.8MB
- MD5
  
  af10d88e77b84853582d76352f5155dd
- SHA1
  
  484239200a2927b23c1b9706607b34a7fa26ee34
- SHA256
  
  c0a562759f136fc761fc23b299aadba8b4a96d4802adff067cd2e6c3461d68c1
- SHA512
  
  be1b10d848574c7e1c63585394e2e5f0f2b50e6481b205c68f6b34356e40001fc07767f09161cad6121d4f95adcfe95b5647d1a1e273eb995b9055d7130daf0f
Score

10^/10

flubot banker infostealer obfuscation ransomware trojan
- FluBot
  FluBot is an android banking trojan that uses overlays.
  banker trojan infostealer flubot
- FluBot Payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flubotbankerinfostealerobfuscationransomwaretrojan

© 2018-2024

Terms | Privacy