General

  • Target

    72e7df1b02eb67ac2ff1a4d96f1c16e332f5eb593e0f03c9f19bfe777a6d1faf.apk

  • Size

    4.4MB

  • Sample

    210920-pk65bsggbp

  • MD5

    42d480e32c2fe948d47fa0c5df347a3e

  • SHA1

    4260b2c299d9c13e88aeaf7181023c0b2a88fbe4

  • SHA256

    72e7df1b02eb67ac2ff1a4d96f1c16e332f5eb593e0f03c9f19bfe777a6d1faf

  • SHA512

    25ddd44aa064913c687c3ccea5c2c66889b162112e73ae94ad098abbbbe79cad46a341b2eea685a6a26b9f666378fdb425d37a097fd39be80fb11832106b7dd3

Targets

    • Target

      72e7df1b02eb67ac2ff1a4d96f1c16e332f5eb593e0f03c9f19bfe777a6d1faf.apk

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).