Overview

overview

10

Static

static

7

2f5c539d4e...a8.apk

android-9-x86

10

2f5c539d4e...a8.apk

android-10-x64

10

2f5c539d4e...a8.apk

android-11-x64

10

Analysis

  • max time kernel
    3546774s
  • max time network
    43s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    30-11-2022 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f5c539d4e197adf26c95a66ed10d0eedf3d18c043cb94c30bdc0fb155737aa8.apk

  • Size

    304KB

  • MD5

    29b0c6eee1f3428100c474987b7f6686

  • SHA1

    8d95c434a77e5ea44dd65287a747f7119920dfa6

  • SHA256

    2f5c539d4e197adf26c95a66ed10d0eedf3d18c043cb94c30bdc0fb155737aa8

  • SHA512

    859428d7c8c62c2962c5e2b7d7a9eb91c26db3e3a2f3ab1da2667e2ff8caf2302e68814e5817f946c8d487781b2096de2ce18c126b7960d7ace8de81103e8f37

  • SSDEEP

    6144:Y5dAPsMcGSd2L1MKlTNWgCTdFOIaOvfTEzEsIU9a2YH14JwMPtevx5t:YPAPsM4dWiORWxdIDOvfmEsX9a5H14JW

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion

Processes

  • anubis.bot.myapplication
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads