Analysis

  • max time kernel
    754111s
  • max time network
    128s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    24-02-2022 18:14

General

  • Target

    eabe4a.apk

  • Size

    4.8MB

  • MD5

    3c27c60e3677c0f86760a765701eaf82

  • SHA1

    f67a47fb399acf2a4efabf551687023d09481f4d

  • SHA256

    eabe4aef231ac85bbbd2e085d7cbe993d1aa66eddd75289c829a4d17ed2b500a

  • SHA512

    c5d751c829f3840db12ad5b5f7153882cc7cc8b5af677e40ea7326d8c65d7d247fa639775a55fc2feeca7de1c6d460df0424b2ea4bb18b7230288949c4044108

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot Payload 1 IoCs
  • Checks Qemu related system properties. 1 IoCs

    Checks for Android system properties related to QEMU for emulator detection.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

Processes

  • com.tencent.mobileqq
    1⤵
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:3803

Network

MITRE ATT&CK Matrix
