Overview

overview

10

Static

static

7

ce448fb2d1...06.apk

android_x86

10

ce448fb2d1...06.apk

android_x64

10

ce448fb2d1...06.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce448fb2d1575f3a74ee59c611f6ec06

  • Size

    1.7MB

  • Sample

    220603-gaf66ahhe9

  • MD5

    ce448fb2d1575f3a74ee59c611f6ec06

  • SHA1

    660ff941653eb59c2f21da93c36bffd90ec3926e

  • SHA256

    fcc8e879421efa4a87c18771ad6a5e20960dbdf80222f34024d110922a9ae63a

  • SHA512

    dff7e05e60611a5c62cdaab367cd7a99545541b75a4e21b3aa00c70369f1d9c62a84be1a0d3cf3bb29e2dc49dbe3e265e8cd3e4c21a8f560ca94e3bce4bbe264

Score
10/10
anubisandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

anubis

C2

http://3n0rm0us.cc/

Targets

    • Target

      ce448fb2d1575f3a74ee59c611f6ec06

    • Size

      1.7MB

    • MD5

      ce448fb2d1575f3a74ee59c611f6ec06

    • SHA1

      660ff941653eb59c2f21da93c36bffd90ec3926e

    • SHA256

      fcc8e879421efa4a87c18771ad6a5e20960dbdf80222f34024d110922a9ae63a

    • SHA512

      dff7e05e60611a5c62cdaab367cd7a99545541b75a4e21b3aa00c70369f1d9c62a84be1a0d3cf3bb29e2dc49dbe3e265e8cd3e4c21a8f560ca94e3bce4bbe264

    Score
    10/10
    anubisbankerevasioninfostealertrojan

    • Anubis banker

      Android banker that uses overlays.

      bankertrojaninfostealeranubis

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks