General

  • Target

    09ba5092361b8af7701a04f154232ff552344fd0d176154bdaeca98ad9c2d2e8.apk

  • Size

    3.8MB

  • Sample

    211005-s9e9paaddq

  • MD5

    349338e8f32019b585eba43e7031a826

  • SHA1

    86b64bcc2a851f5b601317b5f84176dc18a73fc1

  • SHA256

    09ba5092361b8af7701a04f154232ff552344fd0d176154bdaeca98ad9c2d2e8

  • SHA512

    57997d00746cc6001928fefa5d25eecad98ad85e364539f88f26bb4e6395f3524812bbd189d2b8f0b158d3fa9efd09b7931a0b95f8baa95b31730031e4a4d252

Targets

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
