Overview

overview

10

Static

static

10

61f9b09905...85.apk

android-9-x86

10

61f9b09905...85.apk

android-10-x64

10

61f9b09905...85.apk

android-11-x64

10

Analysis

  • max time kernel
    3529442s
  • max time network
    58s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    30-11-2022 12:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985.apk

  • Size

    204KB

  • MD5

    2e611c42b6a47f535bf832b054ada8d7

  • SHA1

    a68af79d9ad0ab0127ece438bccc20222e31b617

  • SHA256

    61f9b09905c02759518c50a662d7391297c24fecff9420ffd9a070497e9e1985

  • SHA512

    9ddcb3cb75d1314ce6d46bcfea297c609d4e38c99d50ebe83448cf75ecee5770d1e3ef12c0522a9665caec4fd6aa54f2de4e34a691e303790463f6a9bbf37777

  • SSDEEP

    6144:f003SDX3SDXCSDXgSDXySDXFXBPgGSbzGQ/3BjpIMcOgn:fsDSDzDlDjD1XdreGQ/JpIROgn

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Reads information about phone network operator.
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion

Processes

  • wocwvy.czyxoxmbauu.slsa
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4397

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads