Overview

overview

10

Static

static

7

BD352E14A8...77.apk

android_x86

10

BD352E14A8...77.apk

android_x64

10

BD352E14A8...77.apk

android_x64

10

Analysis

  • max time kernel
    688726s
  • max time network
    172s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03-06-2022 08:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BD352E14A8E2C65637BC0A8DE6749F1AC8E1B43AF64FFB78CEA50325018C4477.apk

  • Size

    1.9MB

  • MD5

    f819be0886ed50a6ccd6791043edbd7c

  • SHA1

    c982ae497b689a0418abd6f4d27a4bbecd237eb3

  • SHA256

    bd352e14a8e2c65637bc0a8de6749f1ac8e1b43af64ffb78cea50325018c4477

  • SHA512

    6a168a147fa98d021a38065bdd8425e16d78fcde4579c30efe91fd2c8c0c87965c2549f1493b5d2fd0b7bed982b1b8ba7e6c9cc6bb8bf699e577084c2badf5b8

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Extracted

Family

anubis

C2

http://ourplanet.xyz/

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • wqumtczkrehhh.shftzobzrpkdseucrhnhqzu.mkfmftteznamnlcjzjfasx
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:6278

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/wqumtczkrehhh.shftzobzrpkdseucrhnhqzu.mkfmftteznamnlcjzjfasx/app_DynamicOptDex/ARRN.json
    Filesize

    887KB

    MD5

    f5abb065aff58add1c1d17348fe4c726

    SHA1

    cc1889e7367dbab286b26f7eb610855d07afaa7d

    SHA256

    0b800a5a3678e2a04414691fd587e9aaef19c2425c48732029a6cc421d78ec52

    SHA512

    decb72b5fb6a124f7f5d38658bd9f4987ec5f327415b11cbe1a60ff327bebf88b7242733d5b6df2a290760cd54e85e2d25807fb80f837243549683ecc041a0dd

    Download Submit

  • /data/user/0/wqumtczkrehhh.shftzobzrpkdseucrhnhqzu.mkfmftteznamnlcjzjfasx/app_DynamicOptDex/ARRN.json
    Filesize

    887KB

    MD5

    23dd85fcb4d2b3ccfba71cf777470b2f

    SHA1

    4c56af0b39d3a85e465676d0d95086fc59ebb940

    SHA256

    59d624744688bc7c0eb7002276610fb16898c0265edf2c2050f607be068a8b79

    SHA512

    5e33644abc8654c7d7fccd69302bb7ec3dc28e5173e13d0698e525a895b917c6a068d2cf285ab00a22784c3acc5b9c00f3776e9622e3330e24801a4890369dbf

    Download Submit

  • /data/user/0/wqumtczkrehhh.shftzobzrpkdseucrhnhqzu.mkfmftteznamnlcjzjfasx/app_DynamicOptDex/ARRN.json
    Filesize

    887KB

    MD5

    23dd85fcb4d2b3ccfba71cf777470b2f

    SHA1

    4c56af0b39d3a85e465676d0d95086fc59ebb940

    SHA256

    59d624744688bc7c0eb7002276610fb16898c0265edf2c2050f607be068a8b79

    SHA512

    5e33644abc8654c7d7fccd69302bb7ec3dc28e5173e13d0698e525a895b917c6a068d2cf285ab00a22784c3acc5b9c00f3776e9622e3330e24801a4890369dbf

    Download Submit