General
-
Target
06dbf0e0bfab9f74c0744b8fe.exe
-
Size
3.8MB
-
Sample
230705-qpascseb4z
-
MD5
0a296c35e1d7ac2c69cd62b3de246a19
-
SHA1
9f941ba530d50b907257f9558697cd6ba1617f80
-
SHA256
06dbf0e0bfab9f74c0744b8fe29bec1cf48171bce9df7ff56be34a62babf15d2
-
SHA512
44e35b961022871e634d006e575a04c1a3b0cc7d0f07ba23dbdca64435a5aec635002fc701da5f02e6755eb773c5d01699ab8a304580700c74c3a2051e5fccca
-
SSDEEP
98304:2QJ1CPm1vI5Pzb9p9UQs6/TO41SUEsKo9xOssKR1eXl1TDr2K:2QHLIvpXRbOCJ1qs8XvD2K
Malware Config
Targets
-
-
Target
06dbf0e0bfab9f74c0744b8fe.exe
-
Size
3.8MB
-
MD5
0a296c35e1d7ac2c69cd62b3de246a19
-
SHA1
9f941ba530d50b907257f9558697cd6ba1617f80
-
SHA256
06dbf0e0bfab9f74c0744b8fe29bec1cf48171bce9df7ff56be34a62babf15d2
-
SHA512
44e35b961022871e634d006e575a04c1a3b0cc7d0f07ba23dbdca64435a5aec635002fc701da5f02e6755eb773c5d01699ab8a304580700c74c3a2051e5fccca
-
SSDEEP
98304:2QJ1CPm1vI5Pzb9p9UQs6/TO41SUEsKo9xOssKR1eXl1TDr2K:2QHLIvpXRbOCJ1qs8XvD2K
Score10/10-
FluBot
FluBot is an android banking trojan that uses overlays.
-
FluBot payload
-
Makes use of the framework's Accessibility service.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests enabling of the accessibility settings.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-
-
-
Target
CardViewController.js
-
Size
6KB
-
MD5
ddf8217937a55422d35c43220b849862
-
SHA1
e027fb75401d33c18a6f54e6a4942b94abdfc616
-
SHA256
43c4b5605490b161318cf49519357ce3088abedde4fb17ac18c9968ad18fe6a3
-
SHA512
010c2fcde2317ce8a2355e6164c6d6be54b4cf2bac71cbf801ba73ea008dfaf97b46242a2585166508957b98ffad2efaebe5921cfe2ba4aec197a4fafd955525
-
SSDEEP
96:z82mxeteP4VLA9xtxT2mHSTyS5fQsY0TPfp4ieY+xPm0bkG/glNFC4nXlQ3:wMteuSzy2S5fQGPfp1eY/pG/QC4nXl8
Score1/10 -
-
-
Target
CloudCardViewController.js
-
Size
4KB
-
MD5
93f02e9ebdafbd1b11d7d2f0c91fd56f
-
SHA1
ca18e616c9456fd3ea42acbf6af863768f2c5e6f
-
SHA256
eb4a032eb38894bf6ea3e7b26e767409af4a26bd0f9f1f9d7a9149e6fe3c326c
-
SHA512
b6ea67387312b058938f1b751ab75da2bbb1d80842b60699a6a91288f9151946f24e4ec8f3d69d5240aa0b459238f5abd5f39fc694d54d18eeae25444e7516b3
-
SSDEEP
96:HbbKzL1+4kVtvrGutIlpJtcbsmCg1HOKP8JLr8JuNGwTMry:6/dKkYjCfyYLrYyGA
Score1/10 -
-
-
Target
ImagesController.js
-
Size
2KB
-
MD5
162782ad9c857cbdebf8f68a76c51c96
-
SHA1
c9f8338570427b9d4320c544143c7f6560e0a6c2
-
SHA256
9a92ac4b16a0ba1fcc634c553febc9c8b73766c7f5d9773abca73fab22098ff0
-
SHA512
4c47fa4f5b43326b9a893cefb6c6361ebcd071cb05682dfff2bbede1e9e434b2d6f6d50096ee49addabcb2aae2c7ad21484a600ebf8556a06064bb5b6f75e6db
Score1/10 -
-
-
Target
ImgViewController.js
-
Size
6KB
-
MD5
5f8bad69e86a6f8739b520188df8b5b3
-
SHA1
f7367cbaaa5c9dd1901130dab0d4597396d7d237
-
SHA256
7fb23b3ee8ccf6e36c039c8274a213e213198e1e71af92733e678cf63927ba3c
-
SHA512
3489586d47c143d79c2dab143f29f1aae0dd17b0e66742841fd27ecca5d5258d820d47c69e3397a41e7b12d211615dc0be4a1d0d3425933597e222a88182ccb2
-
SSDEEP
192:toUYXCRi2Yk5S+tlsqwt4+YMRwOu8eRGg+I6dSe:aURiLvTNlNR
Score1/10 -
-
-
Target
Template.js
-
Size
15KB
-
MD5
a68357d731497c0e5059373c88c77769
-
SHA1
28ad7715c30fde813e1ce367dc4b9565c4fc881e
-
SHA256
283dc95b7bee0df45b4183b9b7501033f3841503d83f9edfdf0e85a931cb1a13
-
SHA512
30cd20d07995ed72c3291080b8c25669aa562dd153f6876573d0825e3bc897cd298843fbc4e0d0ea1725ed40a65c0102a90a4111f913fbaff425353406d4dc76
-
SSDEEP
192:pdw4Xj8vKXrOSZRe17W1oXA4tvKXM+/1Cyc0bLyrAlN3X3:pdXz8yXrOkRY6f4tyXtZc0bLlN3n
Score1/10 -
-
-
Target
ViewController.js
-
Size
5KB
-
MD5
8e0a6e07535efe25c118594aa383e184
-
SHA1
54068de5a4d74be8303b8eb154dac3c67847c8c2
-
SHA256
5c4786d02891f18d3cdf2363a6749cf6f059ae01ef06ed9c4c2e97fe2642892a
-
SHA512
e9f04c26a15ac912f7a34a91b28874299a212b033b6e7e87ee5549c8c930ee275427a5c69d2b6bcf51634324b2b989b76ccb6fa33de59223d46ccc8adf8eb251
-
SSDEEP
96:cTtlfiN6aNwWPGW6L+DmVwWjpIY9eCYehSEwg4OP3ZQM+81kJcS2SSJYlyf59pXM:Mfi7NjF6VvFIecE1NvaaccS3WY2vZUJh
Score1/10 -
-
-
Target
android_utils.js
-
Size
1KB
-
MD5
b27898b6152f6827c80c5cef6b5b4139
-
SHA1
84c718d9d1a63f59bb5c5c87be36d5f6df8e0eaa
-
SHA256
c94e79136bbd729e1b24853d81b32c4c7f370e859a16e00db58adfe78d218fcb
-
SHA512
4dcec06e2cc7c6ed11b2ab42221bc396b9846111dec015f8b4f369590d00206c98348e09a15e4a764f440d8a2cae8ad37997688f8e17bf9b5add7bf20f866245
Score1/10 -
-
-
Target
aps-mraid.js
-
Size
10KB
-
MD5
c1d55bdb635f731b069bb1063afb8f2d
-
SHA1
61a36a2366aa7e1838b91427763cef6e3627bd05
-
SHA256
82a9efb22e2d220f9d9b4c2fb959f99cc65726e476b0875425efc2d9d8461603
-
SHA512
077d3475b19e3a6cfdce0615c010130d32c87229553d4580798b9122e2a39b2a19cc1a687c50c27643e549718fa4993a90c8dc76dd6aee79abff21c1a7e47c8f
-
SSDEEP
192:KiCDJIp5LQHMHP2i69SyLMnbcXn4+r/MH8CGgVHGl2yxSWfVwDEX:KJ+vQHoP2i6XMnCjMcCGgVk2S3NH
Score1/10 -
-
-
Target
attachmentCardFactory.js
-
Size
4KB
-
MD5
581128baab7cf52c06eaf3a506292333
-
SHA1
f608dc8461f86370e6a00f94c76a91a379e4d21c
-
SHA256
5a771d1f96e4c96fdd62540f64f3253469d7f8be12e030d834e8c8814f830ae8
-
SHA512
17591edfdccac026d0ffb60be700e75521119b70b5d8489278a790eaff88183b78575d40a224811b0ac28a662edf084e14f94d47f542db85dfda4b273080bdca
-
SSDEEP
48:dM/H3111+wSFsShwfq8CU/mpOnIOemUKa2/mHIS/xF8YDXzrHZoT4wXiz36LxAcN:dM/EXnUuizemUKJuN8YDXPHZorXiaW0
Score1/10 -
-
-
Target
attachmentsController.js
-
Size
12KB
-
MD5
363c71a428fcbd8c849465703569a358
-
SHA1
c8d27e21dc67a94209a67429afb12c4e338677b0
-
SHA256
edecf1a6b0a5697d91a4e1777580cf9ce6377397daa93a18376542367cadbfdc
-
SHA512
9cbefea630506818a80a6b7c260fa515fc8bebd491c20901e85ca0a1030671bce93ba687cffe613edb7a5987747efe56e8a9a23209ed41a8dd6f9e1175967543
-
SSDEEP
192:P0W6whhj4Qo5NRgjX01oCPD21ziCF5/qem4+pJgvkdAXf9ziiigzXS8KggHdyx4V:P0W6uCQo/yp54gvkKziiBPKTR2SJ
Score1/10 -
-
-
Target
autoSaveController.js
-
Size
1KB
-
MD5
a79a7ae165f297a0f83adacd54d9406a
-
SHA1
9ced7645af7480d6fd919f5e7b459914ea5dce0c
-
SHA256
cc47dfc973e3ce803cb4fa408114b32a50dca1ca1f848f710e73083dbc6e3284
-
SHA512
b2d120e01e290730b0d54c5c909be41a2fbcd6c6f5450ae83f7a86dd716c3b608a6e731dfd08cbd2a0a1804bc76e57f49dade42caf10e7f7299d8d63a86607eb
Score1/10 -
-
-
Target
ccBccFromSummaryFieldController.js
-
Size
4KB
-
MD5
0dcb03b4a5823e2b22314e0865ad4411
-
SHA1
1f5645b5912f60174438378c804aaa3dea858687
-
SHA256
3ecc8fddbc45f8c632d09a2a6a5707403fea6771f80058219d35db0aed407b62
-
SHA512
e470b44db17e4696e148f4bb6bb6a5705b88ab70e46319117baa31c22ca6975821300ccd4f852c34fa68283c0253d6ee8d0fa695d27034c4a95e742e0a98d525
-
SSDEEP
96:d9VynbUs8EMn5p8RJVst9MMV536eaf1PUOUnXzTPdE:dC6p6eaf1P3gXzjdE
Score1/10 -
-
-
Target
composeContentFocusController.js
-
Size
7KB
-
MD5
4aeedcb1b612944859317ba99e5fa44b
-
SHA1
69c83cdd30eceb650fe85b20f3ed3f1506aee720
-
SHA256
b04907cd7199539295b0bfd16959173f57a357c1b594eb6d9a6162cdaab39a3a
-
SHA512
c2ad7592090800b483a867b1977de2abb875cd21e5f3fae60c780510e830ac7d6d9059a8a18ce609ae4be26ec7f46e09665b5ccd92a56072116b596105beac29
-
SSDEEP
192:PGwJm56Jz6ei33tDBf/9OVhwkWcYh58SCxY:526JOBtpEavXJ
Score1/10 -
-
-
Target
composer.html
-
Size
13KB
-
MD5
1023ad498f59e13bfeca0c7fbebeea52
-
SHA1
6260356b214f66218f9ca43ecad84cd0c27995c2
-
SHA256
d0517bb25ed43dc2056ad3d913f103c42d3fa4fa246415b5c1fdae777f021c2e
-
SHA512
8c8e3b96d0c5399e0152e57ed9589cd794aae6b32e4df11aad41ce3051d5105623a9e6fe3a38aa2c0127ec3d30b65cbc0e889b01885423dc2bbbc28945649462
-
SSDEEP
96:ajjiRgkTwNIvxoeRI6LTfWYry9uLF3ztrqwM51IB8jFuSIr0ybDp:c+RgS1vry9uZtrq37IB8jFuSybN
Score1/10 -
-
-
Target
composer.js
-
Size
17KB
-
MD5
9e18f65c7042db6ce3b1f98c40a8cdaf
-
SHA1
b574082a3e50f11db8b06bcbcfdb27ae0cff8e7e
-
SHA256
69f8a69df5ab97aaa947137d93ef20ac1dc4ec725e7611ed772f17ec620c8df8
-
SHA512
2ce1f489b961a4895f7f3f0d11f6a1f9dee52c34bf3544184bbebb0ff7546ee8d5c05b52208870a82814f09f72697492fc5cc350db202e2857d5897007aa769b
-
SSDEEP
384:BOmUDWYhIW/6I/K8DLTj+wj5e6UV6HqLzffPl/:BOmUDWYhIW/6I/K8DLTj+wj5e6UzHPZ
Score1/10 -