Resubmissions
Date | Sample | Score
13-10-2022 15:48 | 221013-s89f5sbhen | 10
06-10-2022 16:41 | 221006-t7h38sacan | 10
05-10-2022 13:53 | 221005-q667wseeb2 | 10
31-08-2022 20:23 | 220831-y6g7rsdba5 | 10
31-08-2022 20:11 | 220831-yykb6abbdk | 10
31-08-2022 19:40 | 220831-ydqy7sagfk | 10
31-08-2022 17:36 | 220831-v6tzsahdgm | 10
31-08-2022 17:32 | 220831-v4htqshddn | 7
General
Target: ndQOhY0ypd.apk
Size: 5.2MB
Sample: 220831-ydqy7sagfk
MD5: ca559118f4605b0316a13b8cfa321f65
SHA1: 5ef4d5784738d79f22f9bc5e8db7c94985bc1a3a
SHA256: 3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054
SHA512: 091f07d51e9d7c924666f28a30b03e5ff887e239ad2ed9a99cbd65e7b9350c6fc89cafdbbe05de27f8ea6dc90ff8484c1b692fc891b58fcc6104fa6878e8f3d7
SSDEEP: 98304:+Ld3yR0X7GPzP21DeReIrJ0jJMooanGHNdyc7scnuB5k9MWdU:+LxyR0X7Qz/diMolGfyXcNMWdU
Static task: static1
Behavioral task: behavioral1
Sample: ndQOhY0ypd.apk
Resource: android-x86-arm-20220823-en
Malware Config
Targets
Target: ndQOhY0ypd.apk
Score: 10/10
Malibot payload
malibot: Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.
Makes use of the framework's Accessibility service.
Acquires the wake lock.
Loads dropped Dex/Jar: Runs executable file dropped to the device during analysis.
Removes a system notification.