Android Malware Vultur Expands Its Wingspan [Friday, March 29, 2024]

Description :
The authors behind the Android banking malware Vultur have added new features that allow more remote interaction with victim devices. Vultur encrypts its C2 communication, uses multiple encrypted payloads, and disguises itself as legitimate apps. New features include file management, blocking apps, custom notifications, and disabling the lock screen. Vultur is associated with the Android dropper Brunhilda.

Published : 2024-03-29 12:41:05
Created : 2024-03-29 12:41:05
Modified : 2024-03-29 13:05:33

Indicators

Malwares :
  • Vultur
  • Brunhilda
Hashes :
Intrusion set :
  • Vultur
MITRE ATT&CK Techniques : Other observables :
  • Finance

About the author
Julien B.

Securitricks
