Overview

overview

10

Static

static

8

Android APK

android_x64

10

Analysis

  • max time kernel
    3368062s
  • max time network
    58s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    21-07-2021 11:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81d09b68ccddda05085807a382bc7f87024eb53030b84abf29d5cb99341471dc.apk

  • Size

    4.5MB

  • MD5

    de8c38f483bfba1f632f74ef3233ad04

  • SHA1

    9bb92968b432c31bceee7265bd73ef9ff9602e67

  • SHA256

    81d09b68ccddda05085807a382bc7f87024eb53030b84abf29d5cb99341471dc

  • SHA512

    bce8f34db119369c12763200b3fb35a49aa980577ae3412b468089c856674a45493448d729d73fbfe213d2cf59c00e7f3c1377e55fd96fe42444560ca6dbfa35

Score
10/10
flubotbankerinfostealerobfuscationransomwaretrojan

Malware Config

Signatures

  • FluBot

    FluBot is an android banking trojan that uses overlays.

    bankertrojaninfostealerflubot
  • FluBot Payload 1 IoCs
  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Uses reflection 1 IoCs
    obfuscation

Processes

  • com.bilibili.app.in
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:3766

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.bilibili.app.in/app_apkprotector_dex/hf94IPlR.pi
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/data/com.bilibili.app.in/app_apkprotector_dex/hf94IPlR.pi
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.bilibili.app.in/app_apkprotector_dex/hf94IPlR.pi
    MD5

    4682a5c768f1be9ab78f783d926066b1

    SHA1

    b8d53fb928e30039715918d185800434d7d013c5

    SHA256

    66efc83131839cf5f89e4396ccc83d0091b203c557df22f5c925482c198acf03

    SHA512

    4cdd288a3a73fc4600148a19e759cc8a2ec97fad7d9ec27628ff02fb0803b87a799f5099996a241c85ef223bfbb2c2a92597dcb235181f0416746385cb63d8e9

    Download Submit
  • /data/user/0/com.bilibili.app.in/app_apkprotector_dex/hf94IPlR.pi
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.bilibili.app.in/app_apkprotector_dex/hf94IPlR.pi
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.bilibili.app.in/shared_prefs/Voicemail.xml
    MD5

    28ef11647f26515c8554de55bc735ec8

    SHA1

    172d8f52550c7bb276a687943334145f689c996c

    SHA256

    20301be89c38268c419db1a802edee905e232698126c92deda2a8d951cd8865f

    SHA512

    4529477673cb31bf62354a640d83c63cd04984a679cc0d5948ff6e34f41a5a53cdae5c3410ec38062eef63f898cb69d48f075fec2eb39bbc8b77e1ee9fe03f8d

    Download Submit