Overview

overview

10

Static

static

7

e491d383e9...96.apk

android_x86

10

e491d383e9...96.apk

android_x64

10

e491d383e9...96.apk

android_x64

Analysis

  • max time kernel
    672947s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03-06-2022 05:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e491d383e9f89ba76864491598734e96.apk

  • Size

    1.7MB

  • MD5

    e491d383e9f89ba76864491598734e96

  • SHA1

    7cb959f34dc4261d9cb37eb225319e72c8e91445

  • SHA256

    d1fa9401808354978fc1aa91165b88c265b549915211e2f0294e7f38db9af8dc

  • SHA512

    784114d1493e708a992570978d6add23fa0dc4835535b35c9fb4ef9037a7f85d38995509485cc772bc6f9edcb759f5752325687e3b34a5a26697ed88ceaf5fa2

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Extracted

Family

anubis

C2

http://r7ssh1ng.xyz

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • drdwdqauhhpmcupllolq.nldyxmytssfdufjcdampgkg.njlwxhyhpncfwfnucofygaeaosa
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:6222

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/drdwdqauhhpmcupllolq.nldyxmytssfdufjcdampgkg.njlwxhyhpncfwfnucofygaeaosa/app_DynamicOptDex/PYpgl.json
    Filesize

    985KB

    MD5

    46fadd77f9a67dbf5c4c722b444a5123

    SHA1

    5f6ee674773c77d1ebe6a06c099a1ae56850f8d3

    SHA256

    0524edb314ec4369bd027c90f7c1e8c878132fb2f9f9cf95e7dcaae7758ac4ba

    SHA512

    0bd75a2a617ec7e7c0ad8737c03ab3036164559ffde2d3631b53d4d202d01efeec2c1aaa7e6b9b56e152f18ca4e448e5da31961a8cde2d3d51680d140fd1e97c

    Download Submit

  • /data/user/0/drdwdqauhhpmcupllolq.nldyxmytssfdufjcdampgkg.njlwxhyhpncfwfnucofygaeaosa/app_DynamicOptDex/PYpgl.json
    Filesize

    985KB

    MD5

    8d1d685af936b898622a88cd468980fa

    SHA1

    7d0a7bd7c16f33a81dcd4b5d8bfa45bfb879e687

    SHA256

    7978c6cef7b934373f218da8a6510c631aa9abb6ff5e3527e9e3051dc3b63bb5

    SHA512

    94a4d7aabcced27299f4d8b46a6b7f17d27140bfd82e2fb06ca10f86942aab822452b1fe980f29ae78e182faecfba3327c054bcac45984790819ad5363ac6e42

    Download Submit

  • /data/user/0/drdwdqauhhpmcupllolq.nldyxmytssfdufjcdampgkg.njlwxhyhpncfwfnucofygaeaosa/app_DynamicOptDex/PYpgl.json
    Filesize

    985KB

    MD5

    8d1d685af936b898622a88cd468980fa

    SHA1

    7d0a7bd7c16f33a81dcd4b5d8bfa45bfb879e687

    SHA256

    7978c6cef7b934373f218da8a6510c631aa9abb6ff5e3527e9e3051dc3b63bb5

    SHA512

    94a4d7aabcced27299f4d8b46a6b7f17d27140bfd82e2fb06ca10f86942aab822452b1fe980f29ae78e182faecfba3327c054bcac45984790819ad5363ac6e42

    Download Submit