Analysis
max time kernel: 800006s
max time network: 39s
platform: android_x64
resource: android-x64
submitted: 10-08-2021 10:49
Static task: static1
Behavioral task: behavioral1
Sample: cfadda13dfd1ec1d1994b60fd457feeda2ae0f1c802ee828637f21d25b0d1f65.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: cfadda13dfd1ec1d1994b60fd457feeda2ae0f1c802ee828637f21d25b0d1f65.apk
Size: 3.4MB
MD5: 1cf419a0e1b371b0dfb98a8d5cf93ffb
SHA1: 604c25ba041c9899577ff3f1e0104e8a05b4b8a8
SHA256: cfadda13dfd1ec1d1994b60fd457feeda2ae0f1c802ee828637f21d25b0d1f65
SHA512: d19a8faaa078d0811f1fbfe026daf7ba403d9ac26b78ec94f4809e925244b432121473be9478c524150d3688ee44f169826148beb49b86401638c51d428800c4
Score: 10/10
Malware Config
Signatures
FluBot
FluBot is an Android banking trojan that uses overlays.
FluBot Payload (1 IoC)
resource: behavioral1/files/3646-0.dat, yara_rule: family_flubot
Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.eg.android.AlipayGphone/app_apkprotector_dex/classes-v1.bin, pid: 3646, process: com.eg.android.AlipayGphone
ioc: /data/user/0/com.eg.android.AlipayGphone/app_apkprotector_dex/classes-v1.bin, pid: 3646, process: com.eg.android.AlipayGphone