General

  • Target

    a283dfda4e6b1b1f7fcf3283047590eeb24df33a9f0f13584cfa17c26cfe1156-flubot.apk

  • Size

    3.8MB

  • Sample

    211004-q2wwcsgeaq

  • MD5

    d736713b28a637792d6176dbb771a8cc

  • SHA1

    8d4888272831d82f0e3ca0aa691a7cec2311f251

  • SHA256

    a283dfda4e6b1b1f7fcf3283047590eeb24df33a9f0f13584cfa17c26cfe1156

  • SHA512

    1ed04ac9d5d1041c756d88e24d4897be10a6ac9a8cbc7cfb3dfecf54409176ddbbffa8d050772145150e6d0a9285fce2c5082ef33b98a10f468cdfc75d4a26da

Malware Config

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
