flubot | 5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60 | Triage

Submit
Reports

Overview

overview

Static

static

8

Android APK

android_x64

Sharing

General

Target

5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60.apk
Size

3.0MB
Sample

210720-pmmdbmzp82
MD5

6a679f7d5a4681fb7e95e730aa7363a0
SHA1

3260270aea544eb415ca07861a75b17d1e2a1c61
SHA256

5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60
SHA512

724185620d7964d0ed5e08d8f4a0a95ddbcc55333b6ffabc98fa3ae759ed839d546044ef80acc5096d3e0b1213b73ca4d6ebba37d803be1bbd3a496c74c4cfbd

Score

10^/10

flubot android banker infostealer obfuscation ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60.apk

Resource

android-x64-arm64

flubot banker infostealer obfuscation ransomware trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60.apk
- Size
  
  3.0MB
- MD5
  
  6a679f7d5a4681fb7e95e730aa7363a0
- SHA1
  
  3260270aea544eb415ca07861a75b17d1e2a1c61
- SHA256
  
  5c4dc3463ce23ec3628f80cd65c90fae221bdab8e92631ef1e536704c2a47a60
- SHA512
  
  724185620d7964d0ed5e08d8f4a0a95ddbcc55333b6ffabc98fa3ae759ed839d546044ef80acc5096d3e0b1213b73ca4d6ebba37d803be1bbd3a496c74c4cfbd
Score

10^/10

flubot banker infostealer obfuscation ransomware trojan
- FluBot
  FluBot is an android banking trojan that uses overlays.
  banker trojan infostealer flubot
- FluBot Payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flubotbankerinfostealerobfuscationransomwaretrojan

© 2018-2024

Terms | Privacy