General

  • Target

    25a5091406c412ecb379dc4b79ec7ff934e1ef260b3839e88f73eac430235301.apk

  • Size

    3.7MB

  • Sample

    210831-5t4qn9rd9x

  • MD5

    230df5328a4af2341914fbf5bea77998

  • SHA1

    c1cd71bd6a4d3e89d9f79ee954e730f33668ab29

  • SHA256

    25a5091406c412ecb379dc4b79ec7ff934e1ef260b3839e88f73eac430235301

  • SHA512

    4d41abc59474d73a8815455ce75a13f894367543d6273045d6dc07c0b3df34f60d7d8bfc14315b98a461d792a305bddd6d604144c25892a08d23bd6051c5c908

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
