Overview

overview

10

Static

static

10

045c244a5a...95.apk

android-9-x86

10

045c244a5a...95.apk

android-10-x64

10

045c244a5a...95.apk

android-11-x64

10

Analysis

  • max time kernel
    4089480s
  • max time network
    47s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    31-08-2022 11:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    045c244a5adf9ef2c911c3dd4d8c5b95.apk

  • Size

    577KB

  • MD5

    045c244a5adf9ef2c911c3dd4d8c5b95

  • SHA1

    58aa5eaefda4e2eb5fa98de8410031ebd5767991

  • SHA256

    a092c8113d2ac18bbdf5b0cb4944a9662bbcb7d7c6da950cc5820ce8f42307fd

  • SHA512

    2aa3969e7e7a0e73b73c8534b7ce2cdcb6a9849b0ade5fc1711f1600e0dabc2e38718f146cca8c2d40d5090e35278a2bcc49b68d1a639058e9501cbc3b747903

  • SSDEEP

    6144:SY6pj72sI7xmHJSAdUis4aVrTifL2AcuUfL2Acu+fL2AcuRfL2Acu0fL2Acu9:SYmYCJSLrjT+J+JsJHJiJv

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Reads information about phone network operator.
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion

Processes

  • wocwvy.czyxoxmbauu.slsa
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4682

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads