General

  • Target

    e9eb8990343abac3664761125ab88ac21c2cc08e010e976883e7dcb0a5ceb5d6.apk

  • Size

    3.0MB

  • Sample

    210728-8mq5pece9j

  • MD5

    394edb611e14492bd2eee8664c4fb45f

  • SHA1

    03afd838bdae5b9c8cf668d41e2ba05cf3ef6fe9

  • SHA256

    e9eb8990343abac3664761125ab88ac21c2cc08e010e976883e7dcb0a5ceb5d6

  • SHA512

    0c5d726a656c077dd3eae70b6980baa86ae1959e39555302caae3a0774f5ce749a7b5922980cc7b9035061583ee2ce6136f5cdf188b6e5463b7ee9a17a9892a4

Malware Config

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).
