Overview

overview

10

Static

static

Android APK

android_x86

10

Analysis

  • max time kernel
    4203081s
  • max time network
    20s
  • platform
    android_x86
  • resource
    android-x86_arm
  • submitted
    13-01-2021 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmpzk3y9vy7.apk

  • Size

    878KB

  • MD5

    66d73fe9f0e26d03a07a6ee705dec8e1

  • SHA1

    77720a200bfa99f6dafc325470a0e9d94ff16405

  • SHA256

    44ad15105d126df1ad1f4984dd2e0351fbc9a7ffd5340f4eb61754d7e7a12c7f

  • SHA512

    a80ae594a74903ebdb2c52e2a030ace63ff945dea6e5eeeb2c56b0f209a26627ddfb8743a5ec10f6888829cf691f36e8e53344291c66408704c13e72b2a69edf

Score
10/10
anubisbankerinfostealerstealthtrojan

Malware Config

Extracted

Family

anubis

C2

http://2bky.com

http://2bky.com

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Suspicious use of android.app.ActivityManager.getRunningServices 14 IoCs
  • Suspicious use of android.os.PowerManager$WakeLock.acquire 1 IoCs
  • Suspicious use of android.telephony.TelephonyManager.getNetworkCountryIso 2 IoCs

Processes

  • mcpj.cdydb.sewnlyp
    1⤵
    • Removes its main activity from the application launcher
    • Suspicious use of android.app.ActivityManager.getRunningServices
    • Suspicious use of android.os.PowerManager$WakeLock.acquire
    • Suspicious use of android.telephony.TelephonyManager.getNetworkCountryIso
    PID:4274

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads