Resubmissions

13-08-2021 14:18

210813-a2lr1cn6vs 7

Analysis

  • max time kernel
    1410227s
  • max time network
    315s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    17-08-2021 11:08

General

  • Target

    a0181864eed9294cac0d278fa0eadabe68b3adb333eeb2e26cc082836f82489d.apk

  • Size

    3.8MB

  • MD5

    c23426edaf37a2fc6fc3a6e5daa17bfa

  • SHA1

    a362e1aaf8bc7a7491b10eab252c3b7ee8532a46

  • SHA256

    a0181864eed9294cac0d278fa0eadabe68b3adb333eeb2e26cc082836f82489d

  • SHA512

    98b78e62a63d87ddc55722658e85acb5f9ba4b792578ca8868e8214e04f4336e9728bec2c386b6afbac4f2183f8232d6e958b215c5c0948746f4254d32ffa2ff

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 1 IoCs

Processes

  • com.didiglobal.passenger
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4135

Network

MITRE ATT&CK Matrix
