Overview

overview

10

Static

static

8

ffaebdbc8c...24.apk

android_x64

10

Resubmissions

15-06-2021 18:35

210615-nab8r25hp6 10

15-06-2021 15:20

210615-a9th5lxqa2 10

Analysis

  • max time kernel
    284681s
  • max time network
    121s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    15-06-2021 18:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffaebdbc8c2ecd63f9b97781bb16edc62b2e91b5c69e56e675f6fbba2d792924.apk

  • Size

    3.8MB

  • MD5

    10f8ddd80b1eb94540b5aace12b8824a

  • SHA1

    5f6d13b57112441cd92a9cd2f9d115d9e492f158

  • SHA256

    ffaebdbc8c2ecd63f9b97781bb16edc62b2e91b5c69e56e675f6fbba2d792924

  • SHA512

    66ed579fa60280488142c6fce852bb8751b7cab2f7e323ba05c62bc925b24e4da2cf8733a2ab5c63bbd5ef128108d23398d33d052fd574fc40ed368c75ffb5a0

Score
10/10
flubotbankerinfostealerobfuscationransomwaretrojan

Malware Config

Signatures

  • FluBot

    FluBot is an android banking trojan that uses overlays.

    bankertrojaninfostealerflubot
  • FluBot Payload 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Uses reflection 1 IoCs
    obfuscation

Processes

  • com.tencent.qqlivei18n.us
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:4044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.qqlivei18n.us/app_apkprotector_dex/LqMKL1Kz.gl
    MD5

    b06e27376e19980b87d16882bdfc994f

    SHA1

    a6da96484cdaa277639f1511c69173cf98b792b4

    SHA256

    8d844b5c2a27836e503320e5890e6eb714ab6c5108765e8c0ad4b5afeaf65ac9

    SHA512

    6403271a2d9edc63bad1fed08f41e0c543b0fbe2334ee739dadc677e4766aa79256ddc9e5e13431d159b1973da3198e10b4026dc7c9a880dbcb7415fb1917c8e

    Download Submit
  • /data/user/0/com.tencent.qqlivei18n.us/app_apkprotector_dex/LqMKL1Kz.gl
    MD5

    7080d5da543119f20b98afd827c74986

    SHA1

    0287ea50c65959f460fa7c011f329b212a142f98

    SHA256

    4e7b2d9db998235580646fbac36820853963a26395e9c1a4014f1a49209959d2

    SHA512

    1949f982b15cc2393e5aa4aa922c926812b1551339399a730ecb2c3a2858d671243ea92e8570559242f95e1469b874c47d43bcf20297aa7a3820f5445491b7ec

    Download Submit
  • /data/user/0/com.tencent.qqlivei18n.us/app_apkprotector_dex/LqMKL1Kz.gl
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.tencent.qqlivei18n.us/shared_prefs/Voicemail.xml
    MD5

    92a7ee3de953d42971aa770890502e22

    SHA1

    0ef062b199fb24f628d50fea999defd2d4e957ad

    SHA256

    fda66ceb7e3c8fd742e1740087dc07cd7114daa7c5257cb51b2808a86fda7b8f

    SHA512

    65fd6d85c6e0280b9b16813d4a6334aef3882e56e450565d7cf92380f26d4d1c433064e78968603722ecdc3379bbf418c1f0cb5e3bb9e7050ef2dcf311a235bd

    Download Submit