General

  • Target

    01998d6e433b1ea41d7cd1528a79da62a91dd4533d6b8d2e5923d40360c343cf.apk

  • Size

    3.3MB

  • Sample

    220616-w8yanagfbp

  • MD5

    0433e8c3aeae9bb101a178a122c0ec5d

  • SHA1

    330fce8332a630a3f40fdaea1b71990e6a318c14

  • SHA256

    01998d6e433b1ea41d7cd1528a79da62a91dd4533d6b8d2e5923d40360c343cf

  • SHA512

    d268f4cb291d5153c13de874e508ecc80c43a7f0927f26352a675b85f18d4a27a7fe863473a746be0af123fc538873899d1394f48edc23e9e79a3494c081725e

Malware Config

Targets

    • Target

      sample

    • Size

      3.4MB

    • MD5

      9c187f8c200be61fce81de6a05b58b48

    • SHA1

      fe733f1019524a7dc867f0698907a8ff2b0c94e8

    • SHA256

      50ba1da49359b0771970ab8416eaa99eed8a3780a2f8c0bed360cd55ef02fc40

    • SHA512

      b8de15ebe15231292f40912ea3ebf669246679592d630588d1c0e180fceb3ec80c811bc82e57c3048267ce2c1ac3cae652d68a3c86896c6985409a911d9314bb

    • FluBot

      FluBot is an Android banking trojan that uses overlays.

    • FluBot Payload

    • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).
