General

  • Target

    e491d383e9f89ba76864491598734e96

  • Size

    1.7MB

  • Sample

    220603-gaenbsdgfm

  • MD5

    e491d383e9f89ba76864491598734e96

  • SHA1

    7cb959f34dc4261d9cb37eb225319e72c8e91445

  • SHA256

    d1fa9401808354978fc1aa91165b88c265b549915211e2f0294e7f38db9af8dc

  • SHA512

    784114d1493e708a992570978d6add23fa0dc4835535b35c9fb4ef9037a7f85d38995509485cc772bc6f9edcb759f5752325687e3b34a5a26697ed88ceaf5fa2

Malware Config

Extracted

Family

anubis

C2

http://r7ssh1ng.xyz

Targets

    • Target

      e491d383e9f89ba76864491598734e96

    • Anubis banker

      Android banker that uses overlays.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
