Analysis
max time kernel: 3891380s
max time network: 63s
platform: android_x86
resource: android-x86-arm-20220310-en
submitted: 21-05-2022 18:44
Static task: static1
Behavioral task: behavioral1
Sample: 3f00206aaed4612ce4655152b972aeb2787ca4133aeacc8c9acd8c4d38ea3f79.apk
Resource: android-x86-arm-20220310-en
Behavioral task: behavioral2
Sample: 3f00206aaed4612ce4655152b972aeb2787ca4133aeacc8c9acd8c4d38ea3f79.apk
Resource: android-x64-20220310-en
Behavioral task: behavioral3
Sample: 3f00206aaed4612ce4655152b972aeb2787ca4133aeacc8c9acd8c4d38ea3f79.apk
Resource: android-x64-arm64-20220310-en
General
Target: 3f00206aaed4612ce4655152b972aeb2787ca4133aeacc8c9acd8c4d38ea3f79.apk
Size: 354KB
MD5: 17e3c903b5c0a1e8f86c89c64a0d07b3
SHA1: ec35c6afba2b78669efcf73d3821eeb876eecc7c
SHA256: 3f00206aaed4612ce4655152b972aeb2787ca4133aeacc8c9acd8c4d38ea3f79
SHA512: 6a11f00e427c6170c9b21bc3ad9c4555a7b57d02a6f423213517dcfbefa405d9c6215770708687266d70afa195567ce7ec49d0f7be4a3d1d13a4732200987140
Malware Config
Signatures
Anubis banker
Android banker that uses overlays.
Makes use of the framework's Accessibility service. 2 IoCs
Processes:
anubis.bot.myapplication
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | anubis.bot.myapplication
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | anubis.bot.myapplication
Acquires the wake lock. 1 IoCs
Processes:
anubis.bot.myapplication
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | anubis.bot.myapplication
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
Processes:
anubis.bot.myapplication
description | ioc | process
Framework API call | android.hardware.SensorManager.registerListener | anubis.bot.myapplication