540f2fea12850eb21e4b190286581a02250782f2febd6a7689a344edb8ce71fa

General

Target: 540f2fea12850eb21e4b190286581a02250782f2febd6a7689a344edb8ce71fa
Size: 3MB
Sample: 220521-xdf9bsegfm
Score: 10/10
MD5: 2d827db9557250e275102eeb2cf98b92
SHA1: 8bf0d90029f41487a30524aefb8129a6c4f72cac
SHA256: 540f2fea12850eb21e4b190286581a02250782f2febd6a7689a344edb8ce71fa
SHA512: cb9ba045de274ce211ecb926e6524c1d57644b952dc4b976709ff3d8208c0b6d667b0e0835a78652d74456e8aa4e68293ac03e6ccc6fd976944a60f95ee6edf1

Malware Config

Tags

Signatures

  • Anubis banker

    Description

    Android banker that uses overlays.

  • Makes use of the framework's Accessibility service.

  • Acquires the wake lock.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Related Tasks

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1: 7/10
behavioral1: 8/10
behavioral3: 1/10