flubot | 4b359ff36b1de73c5e2bc4e4b9ff2ae33a62707abff05e7bb7128ca880101b33 | Triage

Submit
Reports

Overview

overview

Static

static

7

6a03efa4ff...5e.apk

android_x86

Resubmissions

31-05-2022 16:17

220531-trrensbgb3 10

31-05-2022 16:16

220531-tq3rbafdcj 10

30-05-2022 16:50

220530-vcrmkagdbr 10

Sharing

General

Target

6a03efa4ffa38032edfb5b604672e8c9e01a324f8857b5848e8160593dfb325e.zip
Size

3.8MB
Sample

220531-tq3rbafdcj
MD5

ac33e882e71c51c017daea9a1b66faff
SHA1

bd46a0dd74a665bc75ae26350211dfe4a1a641ad
SHA256

4b359ff36b1de73c5e2bc4e4b9ff2ae33a62707abff05e7bb7128ca880101b33
SHA512

900d48e5a8dce78d820a33050529e8e8575a0cdc53898ccc339e7ad875b8790d7890b110ee8303fbca7f6717a9fbd133934885324a2f7a4ba4f04cfad6e9833b

Score

10^/10

flubot android banker infostealer ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

6a03efa4ffa38032edfb5b604672e8c9e01a324f8857b5848e8160593dfb325e.apk

Resource

android-x86-arm-20220310-en

flubot banker infostealer ransomware trojan

android_x86

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6a03efa4ffa38032edfb5b604672e8c9e01a324f8857b5848e8160593dfb325e.apk
- Size
  
  4.0MB
- MD5
  
  1edd97885a8a7e88694be9971ac317e5
- SHA1
  
  64c4b39176709a7fa9be936b925b17fb53544da9
- SHA256
  
  6a03efa4ffa38032edfb5b604672e8c9e01a324f8857b5848e8160593dfb325e
- SHA512
  
  2aa25bae46e2c3f1ebdd2360c378f711ebc40fe82f9541d6a52d48f3ee14f46801a7125d6b02afdeaa342dfd96b6b22017cf7011e81fad749ce864b1703a077a
Score

10^/10

flubot banker infostealer ransomware trojan
- FluBot
  FluBot is an android banking trojan that uses overlays.
  banker trojan infostealer flubot
- FluBot Payload
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

flubotbankerinfostealerransomwaretrojan

© 2018-2024

Terms | Privacy