Analysis
-
max time kernel
2812126s -
max time network
163s -
platform
android_x64 -
resource
android-x64-arm64-20220823-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20220823-en locale:en-us os:android-11-x64 system -
submitted
05-10-2022 10:05
Behavioral task
behavioral1
Sample
d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.apk
Resource
android-x86-arm-20220823-en
Behavioral task
behavioral2
Sample
d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.apk
Resource
android-x64-20220823-en
Behavioral task
behavioral3
Sample
d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.apk
Resource
android-x64-arm64-20220823-en
General
-
Target
d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4.apk
-
Size
1.8MB
-
MD5
8a4949f3337a806c6d2a3beba9bca511
-
SHA1
4573e7cfa528c64de796210e1b69fca8b8cf87ea
-
SHA256
d4212439e709b6d3f363fecea26e71a6496011a776986698fe34e05bd3766ac4
-
SHA512
0ef304ee269af8ce2ef385dad9898eb59b5ee72421137205629e6f93e0cf7c2a46d86e586cb8d08d2ca0afe8eb11ed2219a9f514a6e438087d183ab005dd156f
-
SSDEEP
49152:nAqcnH9bZjBkmOgN++OfDOAW2uibbPfgwgGKz+nvd:n8dbHkbt7OAW2bTgfCn1
Malware Config
Signatures
-
Anubis banker
Android banker that uses overlays.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
Processes: com.tencent.mm
description: Framework service call
ioc: android.content.pm.IPackageManager.getInstalledApplications
process: com.tencent.mm
-
Requests cell location 1 IoCs
Uses Android APIs to get current cell location.
Processes: com.tencent.mm
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getCellLocation
process: com.tencent.mm
-
Acquires the wake lock. 1 IoCs
Processes: com.tencent.mm
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
process: com.tencent.mm
-
Reads information about phone network operator.
Processes
Network
MITRE ATT&CK Matrix
Downloads