Overview

overview

10

Static

static

7

DHLx25.apk

android-9-x86

10

DHLx25.apk

android-10-x64

10

DHLx25.apk

android-11-x64

10

Analysis

  • max time kernel
    3483764s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    24-08-2022 11:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DHLx25.apk

  • Size

    4.5MB

  • MD5

    6c0c1ee3e7975428e7c1423275598148

  • SHA1

    7c0d4db1a811ac5b309862096fd83369488f479c

  • SHA256

    446c6ef506cdc21f0c207f5de701fe1170bf4b2f2a7874c9d957b41702ea398d

  • SHA512

    4a7a71d2fd2b2ee916219a1575526de5a2e3c1c2d5bc1142799fd633cb74e6310e5836a68ad11744e3b4e29740fe0f41c650f2e8e64053c21f76c21a4e752d0c

  • SSDEEP

    98304:FMX/zsBkQwFIpogLIdEwviHkTDvfMdTfrXkJ+r1/94fAPbYj3W3w19:FowBDwINIawsk3p8r+D3d

Score
10/10
flubotbankerevasioninfostealertrojan

Malware Config

Signatures

  • FluBot

    FluBot is an android banking trojan that uses overlays.

    bankertrojaninfostealerflubot
  • FluBot payload 1 IoCs
  • Makes use of the framework's Accessibility service. 3 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings. 1 IoCs
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion
  • Removes a system notification. 1 IoCs
    evasion

Processes

  • com.thestore.main
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Removes a system notification.
    PID:4564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.thestore.main/shared_prefs/DHL.xml
    Filesize

    133B

    MD5

    1516e3a281b99a8ab2fc8b22022bfd9e

    SHA1

    d3883a7aa3434c624a402f3304082edf9da7f1ab

    SHA256

    c03a91ac128d5c57bdb4447cafc2b68a74dc58d31f494b1ee18716280ec49c74

    SHA512

    9ec9f05e12de4409dd6043b7467c23033bd6c87ebd7dfc20e70c12e2bd928f9dec01a82a005dd821423b24539b235251da338643ab410a24d2f4cbe7b61bacb5

    Download Submit

  • /data/user/0/com.thestore.main/shared_prefs/DHL.xml
    Filesize

    197B

    MD5

    f310905b6111913dc94541c58474e45d

    SHA1

    5e939ea1801be16ae5f1cfaed81b8a8343e595a2

    SHA256

    940aa345eba0b38f2e094f26d577ec171f62895e335978f9f434a5e0a0941126

    SHA512

    d3d75885a2db42ae4a342f1c73a0ef9f36089609269dd1bdd938dba0c9addd87d531db1fcf9a080e89afa9096a890f6741f52316c1b659a004004fc755b11de1

    Download Submit

  • /data/user/0/com.thestore.main/shared_prefs/multidex.version.xml
    Filesize

    307B

    MD5

    49d549812a8cf2d7ac8cbd9e0ee402c4

    SHA1

    5c557d5c0f69a756ce83a265fcd84b1a88523c42

    SHA256

    0d1c8a01b22e9e91650e5f03fc1b350d027dd00c2df6a3439d74b62e7d3aaff5

    SHA512

    aa51b97e44c09552a83fe06d193df2d41bbed8c6ac5e45640ad0d8da24c31893fc7eba82180cf6444aa3e30d504affb42e84ffaf2148aa713988e8c86ed2326f

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/base.apk.ihjcGzk1.hvk
    Filesize

    2.2MB

    MD5

    8ef59a9262f65398228bfa972668a458

    SHA1

    f091981c474eefa2f3abf2fde99379cc7744bbce

    SHA256

    f914d1cd45e713bec8dd0c20f0fbbcdf0dbe5099bb428e5911cfbf7c5cfff311

    SHA512

    b8baab8ecf5830ba587f6e18f9d9c07e9b6797dc2678cdbed566671b11f17ab1c873930ae36fcab3a90cea143637418e94b26665e2c31403cb8ce57fdff9724b

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/hdcdzkhh.kvo9
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.thestore.main/swc5ul9hkh/dg9xbvk4elihluh/tmp-base.apk.ihjcGzk8055745064519839347.hvk
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit