Analysis
max time kernel: 2564419s
max time network: 136s
platform: android_x64
resource: android-x64-arm64-20220621-en
submitted: 25-06-2022 02:57
Static task: static1

Behavioral task: behavioral1
Sample: 8d4b04f4e922ce15facf652b05b1fad9975a2e299469ced2cdc957086b4022cc.apk
Resource: android-x86-arm-20220621-en

Behavioral task: behavioral2
Sample: 8d4b04f4e922ce15facf652b05b1fad9975a2e299469ced2cdc957086b4022cc.apk
Resource: android-x64-20220621-en

Behavioral task: behavioral3
Sample: 8d4b04f4e922ce15facf652b05b1fad9975a2e299469ced2cdc957086b4022cc.apk
Resource: android-x64-arm64-20220621-en
General
Target: 8d4b04f4e922ce15facf652b05b1fad9975a2e299469ced2cdc957086b4022cc.apk
Size: 368KB
MD5: df1448113a4de8b48b68b4639bd5de76
SHA1: db5899157bc257324097e102f8543faea01546fb
SHA256: 8d4b04f4e922ce15facf652b05b1fad9975a2e299469ced2cdc957086b4022cc
SHA512: 91b6bf776ac66c2dedb1070df7255fea133efee4fa4e64451ea1de0c120464d76e6fd8d2e1231bc64177998966b68d6d609b5c12b1bea1dde006653aa0e58d2b
Malware Config
Signatures
Anubis banker
Android banker that uses overlays.

Makes use of the framework's Accessibility service. 2 IoCs
Processes: anubis.bot.myapplication
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | anubis.bot.myapplication
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | anubis.bot.myapplication

Acquires the wake lock. 1 IoCs
Processes: anubis.bot.myapplication
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | anubis.bot.myapplication

Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
Processes: anubis.bot.myapplication
description | ioc | process
Framework API call | android.hardware.SensorManager.registerListener | anubis.bot.myapplication