General

  • Target

    50dd84bb63e99485575f556ea4a372cf8d9e9830274e8625239c5bf64d272169.apk

  • Size

    328KB

  • Sample

    220605-p8wcqsegfr

  • MD5

    2254002370c03cf14c3eabb27b3b826d

  • SHA1

    cd50bdb0df479d7dc3575b8160c32d06ad686a67

  • SHA256

    50dd84bb63e99485575f556ea4a372cf8d9e9830274e8625239c5bf64d272169

  • SHA512

    9535a3af7a1ecc634fdab6cd43724a6f2d013d1952fbbfffac688a226dd52cf60ff31e8a6c91be37cbd26a39669d861291b6dc4fc63aea4c49d7473d68d5c689

Malware Config

Extracted

Family

anubis

C2

http://190.14.37.139

Targets

    • Anubis banker

      Android banker that uses overlays.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Reads information about the phone's network operator.
