General

  • Target

    aa444584a4bc3f78f37215aac14a5653f11580d823f977c78f52cb2f4c518108.apk

  • Size

    3.2MB

  • Sample

    210809-mykjrpvzqx

  • MD5

    a17a9761fa8a58d98f66894777190197

  • SHA1

    8fdb78b252d8b9a57f6a492684b20b108430e175

  • SHA256

    aa444584a4bc3f78f37215aac14a5653f11580d823f977c78f52cb2f4c518108

  • SHA512

    3556dc39ab1af1df6c90763edfdb6d5b42708a08d8b321fe58b1dc01b7986268455f85788ee5139a88ecb2c02e0519215a105f916449a66f697befffef2a2397

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
