Analysis

  • max time kernel
    1798623s
  • max time network
    313s
  • platform
    android_x64
  • resource
    android-x64-20220621-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20220621-en, locale:en-us, os:android-10-x64, system
  • submitted
    04-08-2022 23:27

General

  • Target

    010e254eb6bf9494becdd888901245e1ccd03e5421a0996e59c102ac819dc202.apk

  • Size

    3.3MB

  • MD5

    a7b162b55d1e152244aae828a156fc40

  • SHA1

    049e5c032000259d053998db6844b6c76b30ab5d

  • SHA256

    010e254eb6bf9494becdd888901245e1ccd03e5421a0996e59c102ac819dc202

  • SHA512

    24526bc5ffcf4a173bfca984af7db0f1c4141c57a09086ba385401eddd39acdc64f263f00c971cd9d9f923191b4f8c66d6b0da18fca91ccc517cba51d74ee4cd

Malware Config

Signatures

  • FluBot

    FluBot is an Android banking trojan that uses overlays.

  • FluBot payload (3 IoCs)
  • Loads dropped Dex/Jar (2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Creates a large amount of network flows (1 TTP)

    This may indicate a network scan to discover remotely running services.

  • Uses Crypto APIs (Might try to encrypt user data). (1 IoC)

Processes

  • com.sina.weibo
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:5748

Network

MITRE ATT&CK Enterprise v6

Downloads

  • /data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt

    Filesize

    2.3MB

    MD5

    44e5099c255320beb84c347c28d9ffba

    SHA1

    32bccc9ebf25868ac299f14f45da44e166f424f1

    SHA256

    51a29d7ced99b68bf97e8dfff99f3a99aa157c7e6f86161e83935f750c5c73d3

    SHA512

    4efcbd07e80007e6b2c178c203a218cdcdba2c58347010485148e237aa4bc4b6a8c9aa2b53a9907b430349a1643e5e262e4049541dbab09a171b4f0ce73a9d88