anubis | b39feeab21d00b673b9424a9580975e5aa4990ffe57199014b6dc37b8070660c | Triage

Submit
Reports

Overview

overview

Static

static

B39FEEAB21...0C.apk

android_x86

B39FEEAB21...0C.apk

android_x64

B39FEEAB21...0C.apk

android_x64

Sharing

General

Target

B39FEEAB21D00B673B9424A9580975E5AA4990FFE57199014B6DC37B8070660C.apk
Size

273KB
Sample

220603-gbxkjadhem
MD5

c7dc74dbcc22d1a658e13498459a3cf3
SHA1

9d077d4a2808f0c2f02eddedc88259203c3f9343
SHA256

b39feeab21d00b673b9424a9580975e5aa4990ffe57199014b6dc37b8070660c
SHA512

b25a25a4b5582fc3d0e89430c82eb46011f42e069904508c7a451cc0a6c4308c617ce95c819b994c98268856f739f5034ee57f05245caf35f64fc64eb5f5f1ae

Score

10^/10

anubis android banker evasion infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

B39FEEAB21D00B673B9424A9580975E5AA4990FFE57199014B6DC37B8070660C.apk

Resource

android-x86-arm-20220310-en

anubis banker evasion infostealer trojan

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

B39FEEAB21D00B673B9424A9580975E5AA4990FFE57199014B6DC37B8070660C.apk

Resource

android-x64-20220310-en

anubis banker evasion infostealer trojan

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

B39FEEAB21D00B673B9424A9580975E5AA4990FFE57199014B6DC37B8070660C.apk

Resource

android-x64-arm64-20220310-en

anubis banker evasion infostealer trojan

android_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

anubis

C2

https://paneltominik.com/

Targets

- Target
  
  B39FEEAB21D00B673B9424A9580975E5AA4990FFE57199014B6DC37B8070660C.apk
- Size
  
  273KB
- MD5
  
  c7dc74dbcc22d1a658e13498459a3cf3
- SHA1
  
  9d077d4a2808f0c2f02eddedc88259203c3f9343
- SHA256
  
  b39feeab21d00b673b9424a9580975e5aa4990ffe57199014b6dc37b8070660c
- SHA512
  
  b25a25a4b5582fc3d0e89430c82eb46011f42e069904508c7a451cc0a6c4308c617ce95c819b994c98268856f739f5034ee57f05245caf35f64fc64eb5f5f1ae
Score

10^/10

anubis banker evasion infostealer trojan
- Anubis banker
  Android banker that uses overlays.
  banker trojan infostealer anubis
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

anubisbankerevasioninfostealertrojan

behavioral2

anubisbankerevasioninfostealertrojan

behavioral3

anubisbankerevasioninfostealertrojan

© 2018-2024

Terms | Privacy