malibot | b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52 | Triage

Submit
Reports

Overview

overview

Static

static

7

b01b74aaf2...52.apk

android-9-x86

b01b74aaf2...52.apk

android-10-x64

b01b74aaf2...52.apk

android-11-x64

Sharing

General

Target

b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
Size

2.3MB
Sample

220928-kbqnrsgedl
MD5

0533968891354ac78b45c486600a7890
SHA1

4e9bc1bcbeec32ad93762482b9e1295c7f1bcee5
SHA256

b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52
SHA512

cdf2fcb3d7968b113563b602a476e54bdad4bf30548492941d7d18072c4542007c0f29dd2174ce1cf196c0369651788dc01e5d9f8d5ece9fa0aeeeccdf7348ce
SSDEEP

24576:JbuUHfXVoL6D8RyE2cZBGUMfYm3At+y6/DA4kf4TyQ0jPwVCnY4DDMpkghSUPFE+:JqKlomDBy+y6/DPkQzuY4OhxdEuX

Score

10^/10

malibot android banker evasion infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk

Resource

android-x86-arm-20220823-en

malibot banker evasion infostealer trojan

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk

Resource

android-x64-20220823-en

malibot banker infostealer trojan

android-10-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk

Resource

android-x64-arm64-20220823-en

malibot banker infostealer trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
- Size
  
  2.3MB
- MD5
  
  0533968891354ac78b45c486600a7890
- SHA1
  
  4e9bc1bcbeec32ad93762482b9e1295c7f1bcee5
- SHA256
  
  b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52
- SHA512
  
  cdf2fcb3d7968b113563b602a476e54bdad4bf30548492941d7d18072c4542007c0f29dd2174ce1cf196c0369651788dc01e5d9f8d5ece9fa0aeeeccdf7348ce
- SSDEEP
  
  24576:JbuUHfXVoL6D8RyE2cZBGUMfYm3At+y6/DA4kf4TyQ0jPwVCnY4DDMpkghSUPFE+:JqKlomDBy+y6/DPkQzuY4OhxdEuX
Score

10^/10

malibot banker evasion infostealer trojan
- Malibot payload
- malibot
  Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.
  infostealer trojan banker malibot
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

malibotbankerevasioninfostealertrojan

behavioral2

malibotbankerinfostealertrojan

behavioral3

malibotbankerinfostealertrojan

© 2018-2024

Terms | Privacy