General

  • Target

    Voicemail77.apk

  • Size

    3.0MB

  • Sample

    210724-m92wyxr9ys

  • MD5

    8b116440dae67d7a258c225fd7770bfd

  • SHA1

    975d318bc82096c586913654e9f15ca643cfabd7

  • SHA256

    7dcb4c377eebc1d4c5efd5ef873d9d82fc0dcf1ed1ec7ce9884ca09341fc012e

  • SHA512

    b3f64e1532f030988daef21287fd52f9d1abf9a3fcad8eb5e8edbcabd47c1d413259b00f5c409221ded18ba66c5639df13245438369f5bbf20094fffeedc559e

Malware Config

Targets

    • Target

      Voicemail77.apk

    • Size

      3.0MB

    • MD5

      8b116440dae67d7a258c225fd7770bfd

    • SHA1

      975d318bc82096c586913654e9f15ca643cfabd7

    • SHA256

      7dcb4c377eebc1d4c5efd5ef873d9d82fc0dcf1ed1ec7ce9884ca09341fc012e

    • SHA512

      b3f64e1532f030988daef21287fd52f9d1abf9a3fcad8eb5e8edbcabd47c1d413259b00f5c409221ded18ba66c5639df13245438369f5bbf20094fffeedc559e

    • FluBot

      FluBot is an android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

MITRE ATT&CK Matrix

Tasks