anubis | 61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985 | Triage

Submit
Reports

Overview

overview

Static

static

61f9b09905...85.apk

android-9-x86

61f9b09905...85.apk

android-10-x64

61f9b09905...85.apk

android-11-x64

Sharing

General

Target

61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985
Size

204KB
Sample

221130-p4qaxsef71
MD5

2e611c42b6a47f535bf832b054ada8d7
SHA1

a68af79d9ad0ab0127ece438bccc20222e31b617
SHA256

61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985
SHA512

9ddcb3cb75d1314ce6d46bcfea297c609d4e38c99d50ebe83448cf75ecee5770d1e3ef12c0522a9665caec4fd6aa54f2de4e34a691e303790463f6a9bbf37777
SSDEEP

6144:f003SDX3SDXCSDXgSDXySDXFXBPgGSbzGQ/3BjpIMcOgn:fsDSDzDlDjD1XdreGQ/JpIROgn

Score

10^/10

anubis android banker evasion infostealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985.apk

Resource

android-x86-arm-20220823-en

anubis banker evasion infostealer trojan

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985.apk

Resource

android-x64-20220823-en

anubis banker infostealer trojan

android-10-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985.apk

Resource

android-x64-arm64-20220823-en

anubis banker evasion infostealer trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

anubis

C2

http://doc-office.xyz/_4nbp

Targets

- Target
  
  61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985
- Size
  
  204KB
- MD5
  
  2e611c42b6a47f535bf832b054ada8d7
- SHA1
  
  a68af79d9ad0ab0127ece438bccc20222e31b617
- SHA256
  
  61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985
- SHA512
  
  9ddcb3cb75d1314ce6d46bcfea297c609d4e38c99d50ebe83448cf75ecee5770d1e3ef12c0522a9665caec4fd6aa54f2de4e34a691e303790463f6a9bbf37777
- SSDEEP
  
  6144:f003SDX3SDXCSDXgSDXySDXFXBPgGSbzGQ/3BjpIMcOgn:fsDSDzDlDjD1XdreGQ/JpIROgn
Score

10^/10

anubis banker evasion infostealer trojan
- Anubis banker
  Android banker that uses overlays.
  banker trojan infostealer anubis
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Requests enabling of the accessibility settings.
- Reads information about phone network operator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

anubisbankerevasioninfostealertrojan

behavioral2

anubisbankerinfostealertrojan

behavioral3

anubisbankerevasioninfostealertrojan

© 2018-2024

Terms | Privacy