malibot | bfa9a861d953247eea496f4a587f59e9ee847e47a68c67a4946a927c37b042c4

Analysis

max time kernel
2240842s
max time network
162s
platform
android_x64
resource
android-x64-20220310-en
submitted
21-06-2022 09:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bfa9a861d953247eea496f4a587f59e9ee847e47a68c67a4946a927c37b042c4.apk
Size

4.6MB
MD5

f418c75d5a0eb0186f5111770180e6dd
SHA1

f098f8a8f7a195e2c16dc2127e74237a65dbf024
SHA256

bfa9a861d953247eea496f4a587f59e9ee847e47a68c67a4946a927c37b042c4
SHA512

eb78728d813583a0b74e3ba1226dea8935cd4659f8a88e273f4dd16466a7449f1b2d9eed58faa90496745eb57644e699d8c332bfb4a632530ea40f9490007fd1

Score

10^/10

malibot banker infostealer trojan

Malware Config

Signatures

Malibot payload 1 IoCs

Processes:

resource	yara_rule
/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/base.apk.w88gItg1.pUU	family_malibot

malibot
Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.
infostealer trojan banker malibot
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.vvozewzes.zbggimdsu

ioc pid process

/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/base.apk.w88gItg1.pUU 6225 com.vvozewzes.zbggimdsu

ioc	pid	process
/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/base.apk.w88gItg1.pUU	6225	com.vvozewzes.zbggimdsu

com.vvozewzes.zbggimdsu
1⤵
- Loads dropped Dex/Jar
PID:6225

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.vvozewzes.zbggimdsu/app_webview/.com.google.Chrome.Mrww1I
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/Cookies
Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/Cookies-journal
Filesize
1KB

MD5
5b3832a2dc3f55e2c27351a24357957e

SHA1
35146e6741d8abff970bb78fa47fa764a9831ff9

SHA256
c01332b93c0a88d1e5b7e02152b4bd56d8400c609a33b5170bc12ee484455250

SHA512
66058d2237cee85dd8e129c1ff2699598c7bfb73fc72d7329f24a679895058f82a02efe0dde57b149ee7d4430c1df2e361a0f660b98c049a3ff459e85219143b

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/GPUCache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/GPUCache/index-dir/temp-index
Filesize
96B

MD5
43f4d9172f814a3db326e09bf3db861d

SHA1
755572305847ac66d61d7d56d070f172aa7df6fa

SHA256
2ec9c03c45ca6ecb6ad097e75da9412db2f3e8f416174f21b48962ae0231bb1a

SHA512
fd9a29af0660079a77975794301b000026b0b8e87193ea19e29bdf9d812309ddada373e48516e7625f1c581ec11af6b977f5b4a9fdcd0eb9ff7dcada411e2314

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/Web Data-journal
Filesize
1KB

MD5
1ed42a7e1894659b0538635efc1e74dc

SHA1
bfe6439dc479e99349a093cf97d8932d2fda0368

SHA256
bbd17a700a24500aab8fbfe74c5fcacd483f0c577d879c135a0070bb7a1d9b50

SHA512
8517c66c8c29ffb41885cc73c66de221fa67feb3625cdb941a87eafb0275416a22f4adf4b3e13b4f2a9b1930ce3d498d7d12dc8dc5f61fdca5dfb5492b3d702b

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/metrics_guid
Filesize
36B

MD5
2d3f24ff8ee9014d5dddb5d499e8e156

SHA1
fe5bbf7df0374ef2ac3cb5881ee3496558184b5e

SHA256
eb9fae7a4ed8210694967dc22ba0761de7d4106116eb4f9bd35988f910c1f209

SHA512
229a811d8e622f8d8a62fa645b63cce4e43ae4c13d16c547aa6edfe874477ae122c262d07290b908e471b019ebef206f6490b9e1e85132a1ad81155594b85d13

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
d4b76a5c7452d5be4a61e579fb74be07

SHA1
5c9598d263135964288000ca6a32f0fa2d2d82cf

SHA256
501a2ffd29286d8831e7e823a4802336f4ad34fb9c073be0b6e64fe7d41950c5

SHA512
c07df5750912f1f76e4fdff7da3870de92021dab6be0ebbd173fdbed260d8a24f8deb8c811e30c6896e0ac7c4f8f6542bc28334e3aa839e323bdafa57c518816

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/4a3c275760892302_0
Filesize
326B

MD5
4f06b9d5d7887d8b048673c69755611b

SHA1
f31a55033b67ec3b85e44b6cf27bab02f498d730

SHA256
4553c1f8a92c8bed9ea0db602d9ae0cda35d943a3e81f24e77a11e1c9f2b1751

SHA512
de44ccb3fb37bdcc6a200c7a15f8db3f27f5d7cfc60c2ba23de9def40a260ccc0dcdad420d5ceec60b6c8f32914636c7a2527400c6945debd98b4fc0048458c0

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/90a35d8d0b0a34ce_0
Filesize
328B

MD5
360026027ded381c06cf3c7e9fb01c67

SHA1
51927fd13a6007ca941122575bcc0ac068366658

SHA256
e7d2f8e2a588f240b187393e1d7decc0910dbd1e02eccb375509c85950ec3d33

SHA512
d4b706ad71bd91a6d05b7bad566ad1d2a62628982d2efc72b1a6466ca6240bbc361499204d90b582c2a516715cd7b12b3b79cb4ad8e65b0bc4a782d6f2444d9c

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
fc5b27941925a8c1607bce895a0ae365

SHA1
0aa4af858a0964c0b6b5b7ff013090cd30065b88

SHA256
dece2526efd03bec252a0d65dc87759d7ec0c642a6123828f4f76de8efa031f1

SHA512
df9f1ec2a14db305b1179d8ff277edc96678aab802e0724cfe0c7ce9c736e3e6c704e2692d478c0e4657f08c923cd89f70e2013703bf1ea351980dc74f3bcf1a

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/fff73d4bb627c766_0
Filesize
336B

MD5
78977d2c95af88911598dc73484ad0d9

SHA1
888ef3599741eb170a38317134e066322aee7043

SHA256
d79718406c5bfbab484e6e5207d1985a74d7cfc4f3f554d159b1f5a81a333e96

SHA512
ad0b35900884d59ed1cecd3879433ff876bbba76703a4c825d5fe7f019f2114c42c5e357ef61566fdafa05b3d9b24b7a7874860f4f4d28f4699bd314def8c59c

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
96B

MD5
90e206efa3e245cdeca009f1b4786510

SHA1
7cb784281ad9e3248d060d8a52db7ff377392dfd

SHA256
be49a4ec9d3825fdedbce3115dcbe0e62cd97e29d2470dde8d52276a8455728b

SHA512
60f1729007a384781e3e5db50d3fa7d7a727105fccd442160d211284090620252a66d02b699aaa7c5441d4009b51dc625d6d3744175d13a020697c00869e4638

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
96B

MD5
9fa69065bc1a4aa4319b6320bb0bb8dc

SHA1
e5a86cea49b181baaca47986bdfd4caa041f6fca

SHA256
6db7010d2af8e2c9b8e521bdea1f061a741fc65773e10215ce38b2166c5c51c8

SHA512
00ca6874047c147125d6ddea7876323c7ccf9da73cec233eaf997dba372cb107cefb27543f64b44fb4890f22f8e52b6b69468fe2661eaacf4c37501b0bfbb4ff

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/base.apk.w88gItg1.pUU
Filesize
1.6MB

MD5
4b3be813c34424efcad30d504494195d

SHA1
abeedbd2027a0665d6bd4aa5183c1e6b1cc8eea0

SHA256
775f33a8982d6cd926c7caa95c7d11f497e9e7c3b389914f7812a1c2ded58938

SHA512
33f42ab3e8286682117a75216bfa34b22371805a8a902caaaf77d73fc3e89347f0a382e3de3c73803978f8ea5830f92b219c95cc553485a3e636c2be8520f2c1

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/gghydtf8.yotI
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/httkGtUgfI/HUgItyj7It7Gauf/tmp-base.apk.w88gItg8210461638680785491.pUU
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/shared_prefs/com.android.launcher3.prefs.xml
Filesize
128B

MD5
20837fd8daf2a2de8d6c4ccd8e90653a

SHA1
7ac08617bd4585151c239325aea243d9eca586f7

SHA256
e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

SHA512
a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

Download Submit
/data/user/0/com.vvozewzes.zbggimdsu/shared_prefs/multidex.version.xml
Filesize
305B

MD5
1ba3c628d2ec3a7f3f9e3b9f675c3f57

SHA1
7387b6c7e064dff30d766c272f63867be4ca7634

SHA256
0e4f39f7751b6f376ec97f8501c2c5846276fe027e831d8980adb1a97daa5578

SHA512
2c10b30877b386487893cd2683cf7b577925075558d66c41bff9a4e3c37973f9dad62adc0ea10f3844d394d03a0157016e05a30e173c0e40f11ff5758dc3993c

Download Submit