Analysis

  • max time kernel
    800006s
  • max time network
    39s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    10-08-2021 10:49

General

  • Target

    cfadda13dfd1ec1d1994b60fd457feeda2ae0f1c802ee828637f21d25b0d1f65.apk

  • Size

    3.4MB

  • MD5

    1cf419a0e1b371b0dfb98a8d5cf93ffb

  • SHA1

    604c25ba041c9899577ff3f1e0104e8a05b4b8a8

  • SHA256

    cfadda13dfd1ec1d1994b60fd457feeda2ae0f1c802ee828637f21d25b0d1f65

  • SHA512

    d19a8faaa078d0811f1fbfe026daf7ba403d9ac26b78ec94f4809e925244b432121473be9478c524150d3688ee44f169826148beb49b86401638c51d428800c4

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.eg.android.AlipayGphone
    1⤵
    • Loads dropped Dex/Jar
    PID:3646

Network

MITRE ATT&CK Matrix

Downloads