flubot | eabe4aef231ac85bbbd2e085d7cbe993d1aa66eddd75289c829a4d17ed2b500a | Triage

Submit
Reports

Overview

overview

Static

static

7

eabe4a.apk

android_x64

Sharing

General

Target

eabe4a.apk
Size

4.8MB
Sample

220224-wvldyaddh3
MD5

3c27c60e3677c0f86760a765701eaf82
SHA1

f67a47fb399acf2a4efabf551687023d09481f4d
SHA256

eabe4aef231ac85bbbd2e085d7cbe993d1aa66eddd75289c829a4d17ed2b500a
SHA512

c5d751c829f3840db12ad5b5f7153882cc7cc8b5af677e40ea7326d8c65d7d247fa639775a55fc2feeca7de1c6d460df0424b2ea4bb18b7230288949c4044108

Score

10^/10

flubot android banker infostealer ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

eabe4a.apk

Resource

android-x64

flubot banker infostealer ransomware trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  eabe4a.apk
- Size
  
  4.8MB
- MD5
  
  3c27c60e3677c0f86760a765701eaf82
- SHA1
  
  f67a47fb399acf2a4efabf551687023d09481f4d
- SHA256
  
  eabe4aef231ac85bbbd2e085d7cbe993d1aa66eddd75289c829a4d17ed2b500a
- SHA512
  
  c5d751c829f3840db12ad5b5f7153882cc7cc8b5af677e40ea7326d8c65d7d247fa639775a55fc2feeca7de1c6d460df0424b2ea4bb18b7230288949c4044108
Score

10^/10

flubot banker infostealer ransomware trojan
- FluBot
  FluBot is an android banking trojan that uses overlays.
  banker trojan infostealer flubot
- FluBot Payload
- Checks Qemu related system properties.
  Checks for Android system properties related to Qemu for Emulator detection.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flubotbankerinfostealerransomwaretrojan

© 2018-2025

Terms | Privacy