Analysis

  • max time kernel
    1395330s
  • max time network
    21s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    17-08-2021 08:10

General

  • Target

    152cd810aa27c2878d7b464e519a4a5be05347933ca2f916b78fa75f2bda1a03.apk

  • Size

    4.0MB

  • MD5

    0bca41c5ad1e7892f35b9a1ccf4606a1

  • SHA1

    0edd6af252b424016cc3c8943ecfba0da15203be

  • SHA256

    152cd810aa27c2878d7b464e519a4a5be05347933ca2f916b78fa75f2bda1a03

  • SHA512

    81af17a406c85aa695d9fbf2383e9910a6a4a7924d21d0bfecac9500a1b8df0ff491baf05aa69131f0abfed067bcc98b0d5f40071df338d83ce665450839fd57

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  • Uses reflection 1 IoCs

Processes

  • com.weico.international
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID:3593

Network

MITRE ATT&CK Matrix
