Overview

overview

10

Static

static

7

43b393b37c...42.apk

android_x86

10

43b393b37c...42.apk

android_x64

10

43b393b37c...42.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43b393b37cb1c99d67812f7bf0fb266536929bb44e03c0fd26448e50689be842

  • Size

    4.6MB

  • Sample

    220707-1yhvfafff4

  • MD5

    e217d5f901d965a9571cc0e0f37acf8b

  • SHA1

    8a69948f3be45c2d7f3d26f98a55f5440e0f661e

  • SHA256

    43b393b37cb1c99d67812f7bf0fb266536929bb44e03c0fd26448e50689be842

  • SHA512

    5d3853d4ee21b915dbb5713c2538ba4e53409247899afd95130502cd2810e873981c12e22d9ab2a5d9d7190bb5804b373c9c1d7d20fae822c8ddb9342faf19c5

Score
10/10
flubotandroidbankerdiscoveryevasioninfostealerransomwaretrojan

Malware Config

Targets

    • Target

      43b393b37cb1c99d67812f7bf0fb266536929bb44e03c0fd26448e50689be842

    • Size

      4.6MB

    • MD5

      e217d5f901d965a9571cc0e0f37acf8b

    • SHA1

      8a69948f3be45c2d7f3d26f98a55f5440e0f661e

    • SHA256

      43b393b37cb1c99d67812f7bf0fb266536929bb44e03c0fd26448e50689be842

    • SHA512

      5d3853d4ee21b915dbb5713c2538ba4e53409247899afd95130502cd2810e873981c12e22d9ab2a5d9d7190bb5804b373c9c1d7d20fae822c8ddb9342faf19c5

    Score
    10/10
    flubotbankerdiscoveryevasioninfostealerransomwaretrojan

    • FluBot

      FluBot is an android banking trojan that uses overlays.

      bankertrojaninfostealerflubot

    • FluBot payload

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v6

Tasks