General

  • Target

    7608ac960fe7fc04d858384217c12017717f2b757192973462eb45001c07f6cb.apk

  • Size

    4.0MB

  • Sample

    210730-p4jq8b1wde

  • MD5

    e417823363af8a188fee2d61e456966b

  • SHA1

    1cb10bc583d37675e290158400c44804259ee8df

  • SHA256

    7608ac960fe7fc04d858384217c12017717f2b757192973462eb45001c07f6cb

  • SHA512

    994ac1049744d16fe36d02e9c541fb7cf2ab3978c2705b073f7779989b46c65176feb2d9a937aeca2b30046ca23fd815d44c95b481eaec9d33d6fe9be2c5f608

Malware Config

Targets

    • Target

      7608ac960fe7fc04d858384217c12017717f2b757192973462eb45001c07f6cb.apk

    • Size

      4.0MB

    • MD5

      e417823363af8a188fee2d61e456966b

    • SHA1

      1cb10bc583d37675e290158400c44804259ee8df

    • SHA256

      7608ac960fe7fc04d858384217c12017717f2b757192973462eb45001c07f6cb

    • SHA512

      994ac1049744d16fe36d02e9c541fb7cf2ab3978c2705b073f7779989b46c65176feb2d9a937aeca2b30046ca23fd815d44c95b481eaec9d33d6fe9be2c5f608

    • FluBot

      FluBot is an android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks