General
-
Target
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
-
Size
2.3MB
-
Sample
220928-kbqnrsgedl
-
MD5
0533968891354ac78b45c486600a7890
-
SHA1
4e9bc1bcbeec32ad93762482b9e1295c7f1bcee5
-
SHA256
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52
-
SHA512
cdf2fcb3d7968b113563b602a476e54bdad4bf30548492941d7d18072c4542007c0f29dd2174ce1cf196c0369651788dc01e5d9f8d5ece9fa0aeeeccdf7348ce
-
SSDEEP
24576:JbuUHfXVoL6D8RyE2cZBGUMfYm3At+y6/DA4kf4TyQ0jPwVCnY4DDMpkghSUPFE+:JqKlomDBy+y6/DPkQzuY4OhxdEuX
Static task
static1
Behavioral task
behavioral1
Sample
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
Resource
android-x86-arm-20220823-en
Behavioral task
behavioral2
Sample
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
Resource
android-x64-20220823-en
Behavioral task
behavioral3
Sample
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
Resource
android-x64-arm64-20220823-en
Malware Config
Targets
Target
b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52.apk
Score
10/10
-
Malibot payload
-
malibot
Malibot is an Android banking malware with the ability to bypass 2FA/MFA codes.
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-