General

  • Target

    50ab8059254a9581b14b6c93f27ec254b3b1d8d4d87b6a7ba8fadb7983f5fa68.apk

  • Size

    3.2MB

  • Sample

    210730-wp834x122j

  • MD5

    144d6b46aa4cda85a2802117880ca351

  • SHA1

    21b9ed52e0b7ac7bbccdc96660fe38b8ff1e3847

  • SHA256

    50ab8059254a9581b14b6c93f27ec254b3b1d8d4d87b6a7ba8fadb7983f5fa68

  • SHA512

    ddda482d17c5b7e81756b2d5fe2f3e4a663fac409cb13ec6d40e185ec178c450df57ca8d072bce23c18913b01fe273e2cbaa4104fc4b1783bbedfd8b808eb84b

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Uses Crypto APIs (Might try to encrypt user data).
