Resubmissions

18-08-2022 13:17

220818-qjnf9shhf3 10

Analysis

  • max time kernel
    2971424s
  • max time network
    144s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220621-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20220621-en, locale:en-us, os:android-11-x64, system
  • submitted
    18-08-2022 13:17

General

  • Target

    eda525375692b2217a9a12aad727fb4c.apk

  • Size

    258KB

  • MD5

    eda525375692b2217a9a12aad727fb4c

  • SHA1

    16a0c2426e88b72902bd5f9900c0ebe4955b6029

  • SHA256

    4aaefc66c082701e09bc1690f83571944b748bc0c958334cd505beebcc2ed4aa

  • SHA512

    bd1915f8c497a20f4bbd409e332dc9c28736c854537e796ce9641a2d8093aeb5cd510b5e7da22477e1afa2ad7623aba3d1443a6f4b23c5eb73c94d05c57d42bf

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

  • Makes use of the framework's Accessibility service. 2 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
  • Acquires the wake lock. 1 IoCs
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs

Processes

  • app.online.myapplication
    • Makes use of the framework's Accessibility service.
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:4911

Network

MITRE ATT&CK Matrix
