Overview

overview

10

Static

static

10

8cb941658e...5e.apk

android-9-x86

10

8cb941658e...5e.apk

android-10-x64

10

8cb941658e...5e.apk

android-11-x64

10

Analysis

  • max time kernel
    3248817s
  • max time network
    54s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    17-01-2023 22:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8cb941658ed8340b67a38a47162ab8850b89a14eee2899f0761fadd4f648fd5e.apk

  • Size

    213KB

  • MD5

    ba7b1ba0830e11da60dec1c90632515d

  • SHA1

    b0a38160d78f9d0799c646d9f21ab65afb917202

  • SHA256

    8cb941658ed8340b67a38a47162ab8850b89a14eee2899f0761fadd4f648fd5e

  • SHA512

    b53be16ce325c094dd6c1188605b8abc1fbb7c085a4cacd9f9649d9fd4143e70ae9c49a718747f46860e0c3899704a8bd379c104107ad565fa6df980ba00d420

  • SSDEEP

    3072:daC6U6a1PPE/387RpOnzy3fmhbGluwXK6boURb0gqJo0DK0z5StS:sB9a1PgMOnzhxGlZjb0n9DK00I

Score
10/10
anubisbankerevasioninfostealertrojan

Malware Config

Signatures

  • Anubis banker

    Android banker that uses overlays.

    bankertrojaninfostealeranubis
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Reads information about phone network operator.
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion

Processes

  • wocwvy.czyxoxmbauu.slsa
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests enabling of the accessibility settings.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4018

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads