Analysis

  • max time kernel
    2512950s
  • max time network
    55s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    07-12-2021 16:43

General

  • Target

    a2d3292bb87f8d6b3ce4b45d9ae6d61b4b7398770f732b72c881f43b66a49461.apk

  • Size

    4.4MB

  • MD5

    e4b7d12eca4451af72379738e8d425f1

  • SHA1

    db43b7bec37baa08461a5ec1efec59d14479e5d9

  • SHA256

    a2d3292bb87f8d6b3ce4b45d9ae6d61b4b7398770f732b72c881f43b66a49461

  • SHA512

    a38d59569da4181c970d897f1d6dd22f588d43ad0e6190193fc5fb034104a740ebed585c684647f5ff1472602335ecd0a08580395230c147f96ede0cefcd50c3

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 4 IoCs
  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

Processes

  • com.eg.android.AlipayGphone
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4622

Network

MITRE ATT&CK Matrix

Downloads