wocwvy.czyxoxmbauu.slsa.ncec.myvbo
android.intent.action.MAIN
wocwvy.czyxoxmbauu.slsa.opzsdswiddt
android.intent.action.SEND
android.intent.action.SENDTO
General
-
Target
5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7
-
Size
207KB
-
MD5
01bc9a13dd0b091b2ddce9ee2e682c0c
-
SHA1
5ecc5dd65118441b067bf2a9b5451d7a90ae124a
-
SHA256
5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7
-
SHA512
fd1487ec14c5ee6e8e8d0c0464e95e00d07f6725985b6d5b965960a3fa88193cf989b774794388645d5a56037ba8f13160de6023017c23b22281cd1d67e4fca0
-
SSDEEP
3072:f0z5S+J7lqKuxqc/hwe/Q3TY5y1XScXuZCkzpxdSL69TnwmCWIgFTbDZamg:f00I70f4OhPMzX0RzPdx0
Score
10/10
Malware Config
Extracted
Family
anubis
C2
http://wadascx1wesa.club/admin_panel/
Signatures
-
Anubis family
-
Requests dangerous framework permissions 10 IoCs
Files
-
5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7
wocwvy.czyxoxmbauu.slsa
wocwvy.czyxoxmbauu.slsa.ncec.myvbo
Android Permissions
5bb0e4469e0d98df5c0ab4c60360c88246a41f6c30e677954a5a2fe5eb2818b7
Permissions
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.PACKAGE_USAGE_STATS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.CALL_PHONE
android.permission.INTERNET
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.READ_CONTACTS
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS