Analysis

  • max time kernel
    1305905s
  • max time network
    69s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    16-08-2021 07:20

General

  • Target

    55f479f47852acadd57595f0a08628c13318842633a2a0b94d6bbe45f10d31ef.apk

  • Size

    4.6MB

  • MD5

    016d5ee98f7773e1d95f60a2393a8a0c

  • SHA1

    58266a8c727a531a575d0fd31fdb110a5cc1c083

  • SHA256

    55f479f47852acadd57595f0a08628c13318842633a2a0b94d6bbe45f10d31ef

  • SHA512

    6248badfc2a5b3af6be435f85baa74bc494745d50f3928c440ab89f0fb571393216e0488c441314281f16c0347a660e0d971621de82e6078c81b63656cd001ae

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 2 IoCs
  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

Processes

  • com.baidu.searchbox
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4228

Network

MITRE ATT&CK Matrix


Downloads