flubot | 36158735c5442bb6a2f5432226403905551f360d7ce99fa51e9d2b54b7cd02e7 | Triage

Submit
Reports

Overview

overview

Static

static

7

Voicemail52.apk

android_x64

Sharing

General

Target

Voicemail52.apk
Size

5.0MB
Sample

211126-rnfgwsgah7
MD5

5e3fb4a6f144335016f5d0773b0113fd
SHA1

1a555e9e7f65ebe7ab2c6a48e126c63bb38e7612
SHA256

36158735c5442bb6a2f5432226403905551f360d7ce99fa51e9d2b54b7cd02e7
SHA512

cd0aeedac720253a5ef1afbdfdaed7c7db9efa13c3423c329a83917746ca9cdc968ab4c01f2ee07dac6093a497d6224c0849348ade75d51b635411bf280ad340

Score

10^/10

flubot android banker infostealer ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Voicemail52.apk

Resource

android-x64-arm64

flubot banker infostealer ransomware trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Voicemail52.apk
- Size
  
  5.0MB
- MD5
  
  5e3fb4a6f144335016f5d0773b0113fd
- SHA1
  
  1a555e9e7f65ebe7ab2c6a48e126c63bb38e7612
- SHA256
  
  36158735c5442bb6a2f5432226403905551f360d7ce99fa51e9d2b54b7cd02e7
- SHA512
  
  cd0aeedac720253a5ef1afbdfdaed7c7db9efa13c3423c329a83917746ca9cdc968ab4c01f2ee07dac6093a497d6224c0849348ade75d51b635411bf280ad340
Score

10^/10

flubot banker infostealer ransomware trojan
- FluBot
  FluBot is an android banking trojan that uses overlays.
  banker trojan infostealer flubot
- FluBot Payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flubotbankerinfostealerransomwaretrojan

© 2018-2024

Terms | Privacy