General

  • Target

    d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.zip

  • Size

    1.8MB

  • Sample

    221005-l4hz3aeaa5

  • MD5

    8a4949f3337a806c6d2a3beba9bca511

  • SHA1

    4573e7cfa528c64de796210e1b69fca8b8cf87ea

  • SHA256

    d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4

  • SHA512

    0ef304ee269af8ce2ef385dad9898eb59b5ee72421137205629e6f93e0cf7c2a46d86e586cb8d08d2ca0afe8eb11ed2219a9f514a6e438087d183ab005dd156f

  • SSDEEP

    49152:nAqcnH9bZjBkmOgN++OfDOAW2uibbPfgwgGKz+nvd:n8dbHkbt7OAW2bTgfCn1

Malware Config

Extracted

Family

anubis

C2

http://cdnjs.su

Targets

    • Target

      d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.zip

    • Size

      1.8MB

    • MD5

      8a4949f3337a806c6d2a3beba9bca511

    • SHA1

      4573e7cfa528c64de796210e1b69fca8b8cf87ea

    • SHA256

      d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4

    • SHA512

      0ef304ee269af8ce2ef385dad9898eb59b5ee72421137205629e6f93e0cf7c2a46d86e586cb8d08d2ca0afe8eb11ed2219a9f514a6e438087d183ab005dd156f

    • SSDEEP

      49152:nAqcnH9bZjBkmOgN++OfDOAW2uibbPfgwgGKz+nvd:n8dbHkbt7OAW2bTgfCn1

    • Anubis banker

      Android banker that uses overlays.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Acquires the wake lock.

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks