flubot | a778818cc08d213d1f66db5fa8b34aabc862569ecb99fd1aea37ff6ccab48400

Analysis

max time kernel
2927596s
max time network
76s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
12-06-2023 07:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

3.3MB
MD5

15328ea6d31bef8ddd15a81e0f5a549b
SHA1

c52f12651d91a9bf0d625a879b34d194eba69ed4
SHA256

a778818cc08d213d1f66db5fa8b34aabc862569ecb99fd1aea37ff6ccab48400
SHA512

5939a527d289315ff6d354bbd6e834ae9b3f452aebc54114a0fb46cb5422e5537ff0592aa62fbd20d753162f6a3ae56cfd97c4320613d1377a9b5a7d6a525336
SSDEEP

49152:qLzu436uB6iejEyNRe1kqqGI18iNwDelhcTUr4T1S0NwBbGJ3H5+ELr42SKn2IQI:qHuKB6BzReWqqGWNN8g4ETBaJ7n2Izl

Score

10^/10

flubot banker infostealer trojan

Malware Config

Signatures

FluBot
FluBot is an android banking trojan that uses overlays.
banker trojan infostealer flubot

FluBot payload 3 IoCs

Processes:

resource	yara_rule
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt	family_flubot
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt	family_flubot
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt	family_flubot

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.sina.weibo

ioc	pid	process
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt	4733	com.sina.weibo
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt	4733	com.sina.weibo

com.sina.weibo
1⤵
- Loads dropped Dex/Jar
PID:4733

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt

Filesize
2.3MB

MD5
44e5099c255320beb84c347c28d9ffba

SHA1
32bccc9ebf25868ac299f14f45da44e166f424f1

SHA256
51a29d7ced99b68bf97e8dfff99f3a99aa157c7e6f86161e83935f750c5c73d3

SHA512
4efcbd07e80007e6b2c178c203a218cdcdba2c58347010485148e237aa4bc4b6a8c9aa2b53a9907b430349a1643e5e262e4049541dbab09a171b4f0ce73a9d88

Download Submit
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt

Filesize
2.3MB

MD5
44e5099c255320beb84c347c28d9ffba

SHA1
32bccc9ebf25868ac299f14f45da44e166f424f1

SHA256
51a29d7ced99b68bf97e8dfff99f3a99aa157c7e6f86161e83935f750c5c73d3

SHA512
4efcbd07e80007e6b2c178c203a218cdcdba2c58347010485148e237aa4bc4b6a8c9aa2b53a9907b430349a1643e5e262e4049541dbab09a171b4f0ce73a9d88

Download Submit
/data/user/0/com.sina.weibo/app_apkprotector_dex/Zw6IGlco.ppt

Filesize
2.3MB

MD5
44e5099c255320beb84c347c28d9ffba

SHA1
32bccc9ebf25868ac299f14f45da44e166f424f1

SHA256
51a29d7ced99b68bf97e8dfff99f3a99aa157c7e6f86161e83935f750c5c73d3

SHA512
4efcbd07e80007e6b2c178c203a218cdcdba2c58347010485148e237aa4bc4b6a8c9aa2b53a9907b430349a1643e5e262e4049541dbab09a171b4f0ce73a9d88

Download Submit
/data/user/0/com.sina.weibo/shared_prefs/Voicemail.xml

Filesize
133B

MD5
12f17c5d7a8ef60baf8c9ed1cac9f1d2

SHA1
79374aa3b75e3d3b217eabe08d0d9eba636386cd

SHA256
3a028b6a67001bf21486deb67ae7fd2d0a9f99a8f46d22bbd5781d40c791fa4c

SHA512
ce11579ff9c6824f9ef117af3481cc4854a3327d202c8ae40239bc31408c8315a67636baea6f76d1bb8ed76185795c315d813ea3c0fe37dcf652edd3aaa399bc

Download Submit
/data/user/0/com.sina.weibo/shared_prefs/Voicemail.xml

Filesize
197B

MD5
92f4b709b35731e030b1951241acc5c2

SHA1
052d31a787c7fdad96890acb19cad6c66dcae049

SHA256
98c3cba01f053e97c17b8d754bff9b29c954bd9973b9654a4ec0cfb558322953

SHA512
fd06ec7fefb1e2ca6c40ba2195f0175c68e0426569f540654872ba9c417494b829918cbe38149f40aa2e7cd04006380e6e15acb53e9d933d25fcfbc6c5d41be6

Download Submit