Analyzing #Bankbot libraries

Jun 7, 2017 · 3 min read
lib/ folders containing the .so files
.so file hex overview
httpPOST call disassembly overview
getProc(void) /proc/cmdline call
send_sms() method disassembly
VirusTotal detections as of 05.25.2017


Written by


malware analysis. armchair kernel development

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade