anubis | 34bec3b2747ed7531993c73f04968c56e79f05f3b26b91cad256c9bbd5cf1beb | Triage

Resubmissions

18-10-2021 13:32

211018-qtexwadfb9 10

13-09-2021 12:07

210913-parxnadfb9 10

24-04-2021 15:32

210424-hbqmyl95wx 10

Analysis

max time kernel
75687s
max time network
34s
platform
android_x86_64
resource
android-x86_64_arm64
submitted
24-04-2021 15:32

Sharing

Report Analysis Logs

General

Target

Avast Antivirus ULTIMATE 2021.apk
Size

516KB
MD5

0c43708df373ed87213329c50381b767
SHA1

a29e9a87eba94d9019b50326434cd0837d5c3966
SHA256

34bec3b2747ed7531993c73f04968c56e79f05f3b26b91cad256c9bbd5cf1beb
SHA512

9ff771d0203374d55046796f003813ea716595cc0c8f9e9ca134e6344457a407a4d9978d838c373a44c90dba9d902ba7a395a0f9ccf5a078e876751dfb0eee84

Score

10^/10

anubis banker infostealer stealth trojan

Malware Config

Extracted

Family

anubis

C2

http://ktosdelaetskrintotpidor.com

http://sositehuypidarasi.com

AES_key

AES_key

AES_key

AES_key

AES_key

AES_key

Signatures

Anubis banker
Android banker that uses overlays.
banker trojan infostealer anubis
Removes its main activity from the application launcher 1 IoCs
stealth trojan

Processes:

wocwvy.czyxoxmbauu.slsa

pid process

4156 wocwvy.czyxoxmbauu.slsa

wocwvy.czyxoxmbauu.slsa
1⤵
- Removes its main activity from the application launcher
PID:4156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...