Overview

overview

10

Static

static

7

04765e3f8e...52.apk

android_x86

10

04765e3f8e...52.apk

android_x64

10

04765e3f8e...52.apk

android_x64

10

Analysis

  • max time kernel
    3844352s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    21-05-2022 03:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04765e3f8e4c1c3befe2855eeb6e7cef1904bd6a4f675fcef711e98908c7f752.apk

  • Size

    580KB

  • MD5

    4790085f52069d85a4c0ece1f1ab48eb

  • SHA1

    fa5b9226d7b9546f22412e884d74aa8bb9f8e402

  • SHA256

    04765e3f8e4c1c3befe2855eeb6e7cef1904bd6a4f675fcef711e98908c7f752

  • SHA512

    b512b11c107f8f5525f3ca8a15b87738e4e65c46254b5d82f98c2c296bded2395ee7c5d0776d27b1eca57b5e0ab2d11483efc68d1354eb78186117c2c5c3afca

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Extracted

Family

anubis

C2

http://www.flashl1ght.top

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • com.rtqejxiahcqy.sujaon
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:5577

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.rtqejxiahcqy.sujaon/app_files/exfikcpitj.jar
    Filesize

    177KB

    MD5

    d0e4ca32449c701017b72ca26b36cc17

    SHA1

    36510a6e41becf0adfd6d4a43aa734fa6f16e64d

    SHA256

    ddbd8a9fe8f9e43a2188b1aefe72e21b6478f84035519a35bf43ceebacd7f960

    SHA512

    f187e6454dbebcb8d5e3d05b54a55add8f2e4e8223d4a697467b60749801c758bb4368c6168e8844e6c5a90af5fac81110e01e019345ec31382a3b12d0e46073

    Download Submit
  • /data/user/0/com.rtqejxiahcqy.sujaon/app_files/exfikcpitj.jar
    Filesize

    345KB

    MD5

    c46dabf0042f3455e05e07045bda6bbe

    SHA1

    1b68ba83f6488a53f4f5d524c9e3c278288e9cb2

    SHA256

    6f00a8e758c4c5f04c866f3f74a0149e5abd6c3e610558493365e1cb60745cd4

    SHA512

    372039d6736da89cf4ba11908e6762c4a5a35aec471b0af3ace34299ee880806a34085c892a222cedb9f3bcd5ef17122c6b715d6b1cd337b49fe008824133ccb

    Download Submit
  • /data/user/0/com.rtqejxiahcqy.sujaon/app_files/oat/exfikcpitj.jar.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit