General

  • Target

    b8f5b4833dfad08899190b96e8e05274e7486c212d75590d773f9ad0e1b20534.apk

  • Size

    4.1MB

  • Sample

    210728-r6vzfk1ns2

  • MD5

    a734b48f5d593c76a8a147f64602f855

  • SHA1

    cf3f799eac565500546b8bcbc337f3856cabf656

  • SHA256

    b8f5b4833dfad08899190b96e8e05274e7486c212d75590d773f9ad0e1b20534

  • SHA512

    22805437edf431b802e7467fb296e7beb6af08220389361edaa1469d06a9ce5a664a5ae1aa450e916ec1d9bf475f412e62356be1ab0afb0687fdc180f6a3b1b5

Malware Config

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks