Overview

overview

10

Static

static

7

DHLx25.apk

android-9-x86

10

DHLx25.apk

android-10-x64

10

DHLx25.apk

android-11-x64

10

Analysis

  • max time kernel
    3483761s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    24-08-2022 11:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DHLx25.apk

  • Size

    4.5MB

  • MD5

    6c0c1ee3e7975428e7c1423275598148

  • SHA1

    7c0d4db1a811ac5b309862096fd83369488f479c

  • SHA256

    446c6ef506cdc21f0c207f5de701fe1170bf4b2f2a7874c9d957b41702ea398d

  • SHA512

    4a7a71d2fd2b2ee916219a1575526de5a2e3c1c2d5bc1142799fd633cb74e6310e5836a68ad11744e3b4e29740fe0f41c650f2e8e64053c21f76c21a4e752d0c

  • SSDEEP

    98304:FMX/zsBkQwFIpogLIdEwviHkTDvfMdTfrXkJ+r1/94fAPbYj3W3w19:FowBDwINIawsk3p8r+D3d

Score
10/10
flubotbankerdiscoveryevasioninfostealertrojan

Malware Config

Signatures

  • FluBot

    FluBot is an android banking trojan that uses overlays.

    bankertrojaninfostealerflubot
  • FluBot payload 2 IoCs
  • Makes use of the framework's Accessibility service. 3 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Reads information about phone network operator.
  • Removes a system notification. 1 IoCs
    evasion

Processes

  • com.thestore.main
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    • Removes a system notification.
    PID:4148
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/base.apk.ihjcGzk1.hvk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/oat/x86/base.apk.ihjcGzk1.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4246

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.thestore.main/shared_prefs/DHL.xml
    Filesize

    133B

    MD5

    5c9cb5d401409ff50c51660571fe82d5

    SHA1

    c6fbfe01e5e6c39e7d7b69bae69c06b75b97971f

    SHA256

    f854279c69e4c768caba47eefb035af0b9a27f3d1bc618cafb53213bd10500a2

    SHA512

    433e850179678fb146d727005c863290206c2a98a4ad8c6c1b9cdce24d222b67619ff50fa42050a8344d803f3ec1e4cbc0a632b3b2a73d6f731da33e79eef0cf

    Download Submit

  • /data/user/0/com.thestore.main/shared_prefs/DHL.xml
    Filesize

    197B

    MD5

    a644d516b22d02e57177009202f64c0e

    SHA1

    23bd195bb6afb24442a8ac0122edd587476ee621

    SHA256

    7e9586f1ef8e54a20cbbbc4e06056391cf97f9aaf952d6c858547b96bb9628e8

    SHA512

    cdda6c77823ce736bfadc0559e83d1183dc572d987eff20bc6ab681dad2e48ee4aa8256650271f1cae299dae3433ec724d5282b5cb3d28b8de3f8a5be290f192

    Download Submit

  • /data/user/0/com.thestore.main/shared_prefs/multidex.version.xml
    Filesize

    307B

    MD5

    200d735ed78f3c892eb627af9914fdaa

    SHA1

    b173d0a94a9c3713e28884ad06f0ef039001162e

    SHA256

    7c6589b5accdc062ac17b7181fdf488771bc7d55a5a6a99db3bbadd5bf3514af

    SHA512

    444161a4023f4631aa7dbbc2f7254fa4abe70c0e135c8573b99f9c2496514da936888d24f6b1b1cfee0ee41853ff974374b422985a1825f8fd701c370ea38fb6

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/base.apk.ihjcGzk1.hvk
    Filesize

    2.2MB

    MD5

    6db3d821ef57fa7dad56bf0985b7b5e1

    SHA1

    fde4d3821fa12b5aa5cf8a11bca6b300cfde3647

    SHA256

    da4f94e79356567b31fec1077ab5bb5b0258e24749859301000267c74ef43a6f

    SHA512

    e487cd6e673c109d6232e43d407c9afcffc2a3f0c3e41a63d3756b46af5ebc61a3f22cae570e5dde668e69cfe15cccc0510bff658831c94677e79da7c6fb830d

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/base.apk.ihjcGzk1.hvk
    Filesize

    2.2MB

    MD5

    8ef59a9262f65398228bfa972668a458

    SHA1

    f091981c474eefa2f3abf2fde99379cc7744bbce

    SHA256

    f914d1cd45e713bec8dd0c20f0fbbcdf0dbe5099bb428e5911cfbf7c5cfff311

    SHA512

    b8baab8ecf5830ba587f6e18f9d9c07e9b6797dc2678cdbed566671b11f17ab1c873930ae36fcab3a90cea143637418e94b26665e2c31403cb8ce57fdff9724b

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/base.apk.ihjcGzk1.hvk.x86.flock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/hdcdzkhh.kvo9
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/oat/x86/base.apk.ihjcGzk1.odex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/oat/x86/base.apk.ihjcGzk1.vdex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/tmp-base.apk.ihjcGzk8130106843630363477.hvk
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit