anubis | 0803711244bf3ab0b36a0993d640691be059a8bf407070834bfb427396cbb600 | Triage

Submit
Reports

Overview

overview

Static

static

7

0803711244...00.apk

android_x86

0803711244...00.apk

android_x64

0803711244...00.apk

android_x64

Sharing

General

Target

0803711244BF3AB0B36A0993D640691BE059A8BF407070834BFB427396CBB600.apk
Size

2.6MB
Sample

220603-gbwcgadhdr
MD5

201aa553f5c98b69c975ab2e58704dce
SHA1

47a77bede86f2227491876a6dc8719fecd2c12fe
SHA256

0803711244bf3ab0b36a0993d640691be059a8bf407070834bfb427396cbb600
SHA512

cb08c024559862879182bbafcdb97c3a6e54ffa1d65b7948041f81b1b8327502035bbceb79806082c67ed970dc63cbfb37ba065c39e659041aaf6e5d37d5a93c

Score

10^/10

anubis android banker evasion infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

0803711244BF3AB0B36A0993D640691BE059A8BF407070834BFB427396CBB600.apk

Resource

android-x86-arm-20220310-en

anubis banker evasion infostealer trojan

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0803711244BF3AB0B36A0993D640691BE059A8BF407070834BFB427396CBB600.apk

Resource

android-x64-20220310-en

anubis banker evasion infostealer trojan

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

0803711244BF3AB0B36A0993D640691BE059A8BF407070834BFB427396CBB600.apk

Resource

android-x64-arm64-20220310-en

android_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

anubis

C2

http://lastknight.xyz/

Targets

- Target
  
  0803711244BF3AB0B36A0993D640691BE059A8BF407070834BFB427396CBB600.apk
- Size
  
  2.6MB
- MD5
  
  201aa553f5c98b69c975ab2e58704dce
- SHA1
  
  47a77bede86f2227491876a6dc8719fecd2c12fe
- SHA256
  
  0803711244bf3ab0b36a0993d640691be059a8bf407070834bfb427396cbb600
- SHA512
  
  cb08c024559862879182bbafcdb97c3a6e54ffa1d65b7948041f81b1b8327502035bbceb79806082c67ed970dc63cbfb37ba065c39e659041aaf6e5d37d5a93c
Score

10^/10

anubis banker evasion infostealer trojan
- Anubis banker
  Android banker that uses overlays.
  banker trojan infostealer anubis
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

anubisbankerevasioninfostealertrojan

behavioral2

anubisbankerevasioninfostealertrojan

behavioral3

© 2018-2024

Terms | Privacy