Overview

overview

10

Static

static

10

5bb0e4469e...b7.apk

android_x86

10

5bb0e4469e...b7.apk

android_x64

1

5bb0e4469e...b7.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7

  • Size

    207KB

  • Sample

    220708-vgf2mababr

  • MD5

    01bc9a13dd0b091b2ddce9ee2e682c0c

  • SHA1

    5ecc5dd65118441b067bf2a9b5451d7a90ae124a

  • SHA256

    5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7

  • SHA512

    fd1487ec14c5ee6e8e8d0c0464e95e00d07f6725985b6d5b965960a3fa88193cf989b774794388645d5a56037ba8f13160de6023017c23b22281cd1d67e4fca0

Score
10/10
anubisandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

anubis

C2

http://wadascx1wesa.club/admin_panel/

Targets

    • Target

      5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7

    • Size

      207KB

    • MD5

      01bc9a13dd0b091b2ddce9ee2e682c0c

    • SHA1

      5ecc5dd65118441b067bf2a9b5451d7a90ae124a

    • SHA256

      5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7

    • SHA512

      fd1487ec14c5ee6e8e8d0c0464e95e00d07f6725985b6d5b965960a3fa88193cf989b774794388645d5a56037ba8f13160de6023017c23b22281cd1d67e4fca0

    Score
    10/10
    anubisbankerevasioninfostealertrojan

    • Anubis banker

      Android banker that uses overlays.

      bankertrojaninfostealeranubis

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Requests enabling of the accessibility settings.

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks