General

  • Target

    b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk

  • Size

    2.3MB

  • Sample

    220928-kbqnrsgedl

  • MD5

    0533968891354ac78b45c486600a7890

  • SHA1

    4e9bc1bcbeec32ad93762482b9e1295c7f1bcee5

  • SHA256

    b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52

  • SHA512

    cdf2fcb3d7968b113563b602a476e54bdad4bf30548492941d7d18072c4542007c0f29dd2174ce1cf196c0369651788dc01e5d9f8d5ece9fa0aeeeccdf7348ce

  • SSDEEP

    24576:JbuUHfXVoL6D8RyE2cZBGUMfYm3At+y6/DA4kf4TyQ0jPwVCnY4DDMpkghSUPFE+:JqKlomDBy+y6/DPkQzuY4OhxdEuX

Targets

    • Target

      b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk

    • Malibot payload

    • malibot

      Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
