General

  • Target

    18832427a4a7dd1c2960a40fc13fc0dfc5357ecafdf7dae9f89d721f4138bc25

  • Size

    1MB

  • Sample

    200813-m8qffw1xej

  • MD5

    b8d3cd2eed88a3dbd30e1447c1add48b

  • SHA1

    c21e13d788b4c177829ac43b8bd4c71487fe41f5

  • SHA256

    18832427a4a7dd1c2960a40fc13fc0dfc5357ecafdf7dae9f89d721f4138bc25

  • SHA512

    fe012a29fc00b8d76f9c293ca42618edeca8e2eec41f8117513ed162b3e9a178d2ee5ca3e9abcab0cc423c03c2d0b9a3867f428b9ed9f75cb06bfcbc8ab540f3

Malware Config

Extracted

Family

anubis

C2

http://ktosdelaetskrintotpidor.com

http://sositehuypidarasi.com

Targets

    • Target

      18832427a4a7dd1c2960a40fc13fc0dfc5357ecafdf7dae9f89d721f4138bc25

    • Anubis banker

      Android banker that uses overlays.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
