Overview

overview

10

Static

static

7

d278e59a06...2e.apk

android_x86

10

d278e59a06...2e.apk

android_x64

10

d278e59a06...2e.apk

android_x64

10

Analysis

  • max time kernel
    3866306s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    21-05-2022 11:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d278e59a0697412de383aba9e7f97f0ddda1ab61f18972318df67708a02d072e.apk

  • Size

    3.1MB

  • MD5

    026d960c10af24e1a378ba9d13639973

  • SHA1

    b15eadca5c027254617ae7005cd3bc3418b8ed68

  • SHA256

    d278e59a0697412de383aba9e7f97f0ddda1ab61f18972318df67708a02d072e

  • SHA512

    fa45067d8e71070ac7a8212d3c58a1fc03a486bcb8f4567c38189a3323f8f38915f0c002e8c2d752176fedf2e733cb83180f38b2175e6a1b75a06ce9bd7c34e1

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 3 IoCs
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • cpsdqudregaeoemaddjp.qewxlpdi.kypzpgzcxk
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:5717

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/cpsdqudregaeoemaddjp.qewxlpdi.kypzpgzcxk/app_DynamicOptDex/Ywkkl.json
    Filesize

    1.9MB

    MD5

    0cc136a4f091d22fb27cb627bb7b4fb1

    SHA1

    e8849a65806f880aff08a1ea359302b0d6218be3

    SHA256

    eea437a96bbd1be0acc0b5ad3a6129b494b958a608914711280606209590dc61

    SHA512

    b4e35eae765de23966feb81e8fb2ab97bbaad9e42b1ff7d0e396e68c90647aaf0b72984a6f65ec379f4e524d00fe04d4c7367c5394cc6724af66d208b5eece78

    Download Submit
  • /data/user/0/cpsdqudregaeoemaddjp.qewxlpdi.kypzpgzcxk/app_DynamicOptDex/Ywkkl.json
    Filesize

    1.9MB

    MD5

    a0dc86fe6bfbecdcf52999e66fe1690e

    SHA1

    0431ed81cded1b614ca8172ee0b80c321f73a924

    SHA256

    1bc230219fb31745ca6569b83732de799e9266bac86815bc83812d739cdeaad2

    SHA512

    1f13ae5865f14c8c1c20d2f1e1ed0f1f15a85b839317fb5dff0483168be45a643dd01e5833236c7c142d2336670642a67d4dd24fab10dfccd6e439219884e848

    Download Submit
  • /data/user/0/cpsdqudregaeoemaddjp.qewxlpdi.kypzpgzcxk/app_DynamicOptDex/Ywkkl.json
    Filesize

    1.9MB

    MD5

    a0dc86fe6bfbecdcf52999e66fe1690e

    SHA1

    0431ed81cded1b614ca8172ee0b80c321f73a924

    SHA256

    1bc230219fb31745ca6569b83732de799e9266bac86815bc83812d739cdeaad2

    SHA512

    1f13ae5865f14c8c1c20d2f1e1ed0f1f15a85b839317fb5dff0483168be45a643dd01e5833236c7c142d2336670642a67d4dd24fab10dfccd6e439219884e848

    Download Submit
  • /data/user/0/cpsdqudregaeoemaddjp.qewxlpdi.kypzpgzcxk/app_DynamicOptDex/oat/Ywkkl.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit