Analysis

  • max time kernel
    3977624s
  • max time network
    99s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    28-07-2021 12:24

General

  • Target

    34fa8ba91e4cdd55310c9be7ea50e027fa9595038330c38590cb322d2f18f7d1.apk

  • Size

    3.8MB

  • MD5

    9cd8ee4c4e75a2d35f70a3e8a117e88f

  • SHA1

    c7a2612a11828abae920b3d3c2db05938567c3ac

  • SHA256

    34fa8ba91e4cdd55310c9be7ea50e027fa9595038330c38590cb322d2f18f7d1

  • SHA512

    885e031a3d14b4e93ed398f76679848f2ce66214b7c2729fa20562f9697998233d0bf0e2c7b4dea8ff35bb161a6b2b6b1ee32ef65f7283ba28b05178fe5517fa

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs an executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  • Uses reflection 1 IoCs

Processes

  • com.eg.android.AlipayGphone
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:3678

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.eg.android.AlipayGphone/app_apkprotector_dex/gMEnqyx2.elk
    MD5

    dbee6172aa8fdae46921b708cc65b532

    SHA1

    9cf48bbe4dd4ef794cdb9def16a475ac3295e19b

    SHA256

    a7d60d533bef888c4e62776ff9931fd540072826421276479b248046fe194d02

    SHA512

    8f95f1326b18d14ae1c80cc3f943eff22a892e60016a6ad2a5d8ab57e2b64aa2eadf8319e38b0cbc2d842136a5735b9f4332ea88cac06e92b365af760b7979fb

  • /data/user/0/com.eg.android.AlipayGphone/app_apkprotector_dex/gMEnqyx2.elk (zero-byte capture of the same path; the hashes below are those of an empty file, so this entry is a placeholder rather than a second payload)
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/com.eg.android.AlipayGphone/shared_prefs/Voicemail.xml
    MD5

    ad787b4633ad4a01a26c24af3b497a71

    SHA1

    b4391eb6dd813c874a3096d8a047f13f87002248

    SHA256

    4cd2c44696fbc976ded0d44a0821f1a6936adfde5b50c38bd709a2825c4b7371

    SHA512

    5d4842c915c9d52b258de4a0d54b373145794f2e407ab66c0eff88219a75778c2c4fe09b112b83f26bd50b15297d8a850baeef5e939266c18bd0848931ea6cc2
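As an added example (not part of the sandbox report, and not the analysed app's code), the following Python triage helper shows how a responder would handle the "Loads dropped Dex/Jar" signature and the Downloads list above: it identifies a captured file by magic bytes rather than by its disguised .elk extension, computes the same four digests the report lists, matches them against the report's IoC hashes, and flags the zero-byte capture as a placeholder instead of treating it as a second payload. The dropped path and the SHA256 IoC are copied from the report; SAMPLE_DEX is a constructed DEX header used as stand-in input, since the real dropped file is not reproduced here.

```python
import hashlib
import os

# IoCs copied from the report above: the dropped-file path and the
# SHA256 of the non-empty capture of it.
DROPPED_PATH = "/data/user/0/com.eg.android.AlipayGphone/app_apkprotector_dex/gMEnqyx2.elk"
KNOWN_SHA256 = {
    "a7d60d533bef888c4e62776ff9931fd540072826421276479b248046fe194d02":
        "FluBot dropped Dex/Jar (gMEnqyx2.elk)",
}
# SHA256 of zero bytes; a capture with this hash is a placeholder, not a payload.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

# Constructed sample, not the real dropped file: the DEX magic
# ("dex\n035\0") padded to the 0x70-byte header size, with no code inside.
SAMPLE_DEX = b"dex\n035\x00" + b"\x00" * (0x70 - 8)


def classify_payload(data: bytes) -> str:
    """Identify the container by magic bytes; the extension (.elk) is ignored."""
    if not data:
        return "empty"
    if data[:4] == b"dex\n" and data[7:8] == b"\x00":
        return "dex"
    if data[:4] == b"PK\x03\x04":
        return "zip/jar"
    if data[:4] == b"\x7fELF":
        return "elf"
    return "unknown"


def hash_blob(data: bytes) -> dict:
    """Same four digests the report lists, so values can be compared directly."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def triage(path: str, data: bytes) -> dict:
    """Return hashes, detected type and a list of findings for one captured file."""
    hashes = hash_blob(data)
    kind = classify_payload(data)
    findings = []
    if hashes["sha256"] == EMPTY_SHA256:
        findings.append("zero-byte placeholder: captured before the payload was written")
    if hashes["sha256"] in KNOWN_SHA256:
        findings.append("matches known IoC: " + KNOWN_SHA256[hashes["sha256"]])
    ext = os.path.splitext(path)[1].lower()
    if kind in ("dex", "zip/jar") and ext not in (".dex", ".jar", ".apk", ".zip"):
        findings.append(f"{kind} payload disguised with extension {ext!r}")
    if kind != "empty" and "/app_apkprotector_dex/" in path:
        findings.append("dropped into an app-private dex directory: candidate for dynamic class loading")
    return {"path": path, "type": kind, **hashes, "findings": findings}


if __name__ == "__main__":
    # Run over the two captures the report shows for this path: empty, then payload.
    for blob in (b"", SAMPLE_DEX):
        result = triage(DROPPED_PATH, blob)
        print(result["type"], result["sha256"])
        for finding in result["findings"]:
            print("  -", finding)
```

Point triage() at the bytes pulled from the device or from the sandbox's file dump; a hit on KNOWN_SHA256 confirms the same dropper build, while a "dex"/"zip/jar" classification with a non-matching hash still tells you a dynamically loaded payload was written, just a different variant.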