How to analyze mobile malware: a Cabassous/FluBot Case study
Tags
country: Germany Hungary Italy Spain
maec-delivery-vectors: Watering Hole
attack-pattern: Data Domains - T1583.001 Domains - T1584.001 Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Tool - T1588.002 Connection Proxy - T1090 Hooking - T1179 Hooking
Show in Graph
Common Information
Type Value
UUID d52f4fb2-1ad8-4036-99da-90685b24644d
Fingerprint 2e0d29112da1868d
Analysis status DONE
Considered CTI value -2
Text language
Published April 19, 2021, 2:20 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 18, 2024, 9:16 p.m.
Headline How to analyze mobile malware: a Cabassous/FluBot Case study
Title How to analyze mobile malware: a Cabassous/FluBot Case study
Detected Hints/Tags/Attributes 66/3/20
Source URLs
Redirection Url
Details Source https://blog.nviso.eu/2021/04/19/how-to-analyze-mobile-malware-a-cabassous-flubot-case-study/
URL Provider
Details Provider Source level domain
Details nviso.eu blog.nviso.eu
Attributes
Details Type #Events CTI Value
Details Domain 1 
libreactnativeblob.so
Details Domain 1 
apkdiff.py
Details Domain 1 
deobfuscator.app
Details Domain 1 
vtcslaabqljbnco.com
Details Domain 1 
urqisbcliipfrac.com
Details Domain 1 
vloxaloyfmdqxti.ru
Details Domain 1 
cjcpldfquycghnf.ru
Details File 2 
classes-v1.bin
Details File 1 
apkdiff.py
Details File 9 
com.apk
Details File 1 
cabassous.apk
Details File 366 
console.log
Details File 1 
theme.ico
Details File 33 
com.bin
Details File 1 
bancamovil.png
Details sha256 1 
acb38742fddfc3dcb511e5b0b2b2a2e4cef3d67cc6188b29aeb4475a717f5f95
Details IPv4 1 
2.21.3.19
Details Url 1 
http://chiangma....com/track/?sl6zxys4ifyp
Details Url 1 
http://chiangma....com/track/?7l818osbxj9f
Details Url 1 
http://chiangma....com/track/?uk5imbr210yue