Overview

overview

10

Static

static

7

b600fa379c...7e.apk

android_x86

10

b600fa379c...7e.apk

android_x64

10

b600fa379c...7e.apk

android_x64

10

Analysis

  • max time kernel
    3868148s
  • max time network
    160s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    21-05-2022 11:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b600fa379cabfd33a6ebc2e69fd71910bff442b2d90d0163ccaa997cc2199b7e.apk

  • Size

    3.3MB

  • MD5

    98f48dacd555fc1a4f90d69fb91ae4e8

  • SHA1

    b8aec6d580883393cba4bcfa8e41857b130fa95d

  • SHA256

    b600fa379cabfd33a6ebc2e69fd71910bff442b2d90d0163ccaa997cc2199b7e

  • SHA512

    5dde926dea76716c1a8ff19e74d2393cec02f20eea00c9d228640c74231a2934df3137c1f3fc4d465c067012f7260699a62e5d4400d0b9696807b344359716b3

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 3 IoCs
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • wzgcfrnkoecbdhyefubrbhpwqg.rblxehp.bfryhoyngspymwbuztgls
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:5725

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/wzgcfrnkoecbdhyefubrbhpwqg.rblxehp.bfryhoyngspymwbuztgls/app_DynamicOptDex/Mnrr.json
    Filesize

    2.1MB

    MD5

    f6435dd229bfa1783f8d36942965b54a

    SHA1

    33ff7384a347e57fa75a171334daa8d11563cd3f

    SHA256

    8ca71b7faedae899f9c9b53bddc2577891bf85d33eddd80ecc973b62299c9147

    SHA512

    5b5345c5838db53a570c13f49475d2ad7945f052b97d3f0f30d7c1701a36927a8bcd3036d661432a26e251e22f4e2859825010129e7a11403e6451b1207cde91

    Download Submit
  • /data/user/0/wzgcfrnkoecbdhyefubrbhpwqg.rblxehp.bfryhoyngspymwbuztgls/app_DynamicOptDex/Mnrr.json
    Filesize

    2.1MB

    MD5

    85906cde5d00bcc1230e87598b8a7bfc

    SHA1

    b54fc492fb25e7843029a57cf03f9bf24120287d

    SHA256

    c1751a864c125e703b5507e5404d99f762679bb183b2b4d654d16ffa0e25d470

    SHA512

    75a08b98a5c0126b5bcb40dda4ca867992828617db44761354a8ebe04518a1cd97629c323197b5af1fb6383007befa3ff3fcac6acb3405de2c46a2a96f7ef376

    Download Submit
  • /data/user/0/wzgcfrnkoecbdhyefubrbhpwqg.rblxehp.bfryhoyngspymwbuztgls/app_DynamicOptDex/Mnrr.json
    Filesize

    2.1MB

    MD5

    85906cde5d00bcc1230e87598b8a7bfc

    SHA1

    b54fc492fb25e7843029a57cf03f9bf24120287d

    SHA256

    c1751a864c125e703b5507e5404d99f762679bb183b2b4d654d16ffa0e25d470

    SHA512

    75a08b98a5c0126b5bcb40dda4ca867992828617db44761354a8ebe04518a1cd97629c323197b5af1fb6383007befa3ff3fcac6acb3405de2c46a2a96f7ef376

    Download Submit
  • /data/user/0/wzgcfrnkoecbdhyefubrbhpwqg.rblxehp.bfryhoyngspymwbuztgls/app_DynamicOptDex/oat/Mnrr.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit