General

  • Target

    b7cbb06f8dadeb1530eb99a7a38834433ef0d9f5e9d049d79c70d41ea6690642

  • Size

    3MB

  • Sample

    220521-xdarjsegem

  • MD5

    9c4de47597b35a666200242b4ad7445e

  • SHA1

    bfed23c651753ec341f9d398a974f03944c28c1a

  • SHA256

    b7cbb06f8dadeb1530eb99a7a38834433ef0d9f5e9d049d79c70d41ea6690642

  • SHA512

    eb93729e7d65f5d4746974a0c4e6de5dfc04286f855f903bb635930118ba25c562375b6a2482944d61855454303d14772edc7330e5b17a7fb3f87f3787aa2ac7

Malware Config

Targets

    • Target

      b7cbb06f8dadeb1530eb99a7a38834433ef0d9f5e9d049d79c70d41ea6690642


    • Anubis banker

      Android banker that uses overlays.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
