anubis | f3c56882c01b2b967887fc1ece06d0382b005bc50d3c006357cc6b566eca1992 | Triage

Submit
Reports

Overview

overview

Static

static

F3C56882C0...92.apk

android_x86

F3C56882C0...92.apk

android_x64

F3C56882C0...92.apk

android_x64

Sharing

General

Target

F3C56882C01B2B967887FC1ECE06D0382B005BC50D3C006357CC6B566ECA1992.apk
Size

273KB
Sample

220603-ged8cseafj
MD5

9dfc1fe77cce5df81bd1847135edbbf8
SHA1

c4ba5d537a1744ad198ec1243c191611b5a6058c
SHA256

f3c56882c01b2b967887fc1ece06d0382b005bc50d3c006357cc6b566eca1992
SHA512

886151b52315b4fa0267ba5a7a7e264c335dd456cdaf56abd585c5db3c1974067af394502d799187485043d0ad68803e6f492fc9c7ce47d84f69a47de396a6bd

Score

10^/10

anubis android banker evasion infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

F3C56882C01B2B967887FC1ECE06D0382B005BC50D3C006357CC6B566ECA1992.apk

Resource

android-x86-arm-20220310-en

anubis banker evasion infostealer trojan

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

F3C56882C01B2B967887FC1ECE06D0382B005BC50D3C006357CC6B566ECA1992.apk

Resource

android-x64-20220310-en

anubis banker evasion infostealer trojan

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

F3C56882C01B2B967887FC1ECE06D0382B005BC50D3C006357CC6B566ECA1992.apk

Resource

android-x64-arm64-20220310-en

anubis banker evasion infostealer trojan

android_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

anubis

C2

http://192.168.0.133/

Targets

- Target
  
  F3C56882C01B2B967887FC1ECE06D0382B005BC50D3C006357CC6B566ECA1992.apk
- Size
  
  273KB
- MD5
  
  9dfc1fe77cce5df81bd1847135edbbf8
- SHA1
  
  c4ba5d537a1744ad198ec1243c191611b5a6058c
- SHA256
  
  f3c56882c01b2b967887fc1ece06d0382b005bc50d3c006357cc6b566eca1992
- SHA512
  
  886151b52315b4fa0267ba5a7a7e264c335dd456cdaf56abd585c5db3c1974067af394502d799187485043d0ad68803e6f492fc9c7ce47d84f69a47de396a6bd
Score

10^/10

anubis banker evasion infostealer trojan
- Anubis banker
  Android banker that uses overlays.
  banker trojan infostealer anubis
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

anubisbankerevasioninfostealertrojan

behavioral2

anubisbankerevasioninfostealertrojan

behavioral3

anubisbankerevasioninfostealertrojan

© 2018-2024

Terms | Privacy