General

  • Target

    ce448fb2d1575f3a74ee59c611f6ec06

  • Size

    1.7MB

  • Sample

    220627-nd1tasagdp

  • MD5

    ce448fb2d1575f3a74ee59c611f6ec06

  • SHA1

    660ff941653eb59c2f21da93c36bffd90ec3926e

  • SHA256

    fcc8e879421efa4a87c18771ad6a5e20960dbdf80222f34024d110922a9ae63a

  • SHA512

    dff7e05e60611a5c62cdaab367cd7a99545541b75a4e21b3aa00c70369f1d9c62a84be1a0d3cf3bb29e2dc49dbe3e265e8cd3e4c21a8f560ca94e3bce4bbe264

Malware Config

Extracted

Family

anubis

C2

http://3n0rm0us.cc/

Targets

    • Anubis banker

      Android banker that uses overlays.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
