anubis | e73c05d3f9b2fb57d749eddbe03901c72886ebde5ac23a2a9f36c7f5966c86f0

Sharing

Copy URL

Twitter E-mail

General

Target

Anubis-7.0-Builder.zip
Size

50.1MB
Sample

231018-y191lacb86
MD5

c954380d78f9bd6efa522ec0b3a9d5dd
SHA1

3a48ef164e69e075c28508b511ea40ca38e4dcb6
SHA256

e73c05d3f9b2fb57d749eddbe03901c72886ebde5ac23a2a9f36c7f5966c86f0
SHA512

8a0d0ed829e99812a8f715f25f2fd7ca3c013a30563f9bd8fb389c4908d40bfa155cba0c3551998fe8c1eebfb4a6a5be74b1746d58d3278bac64488878a69d7a
SSDEEP

1572864:4zggOrU5DM2tBALPmxOjF5yuk9mEdqLVXpeOdUIgEa:4kgIU9M2tKLexOa9Hd85eOG/

Score

10^/10

anubis

Malware Config

Extracted

Family

anubis

http://192.168.0.104

Targets

- Target
  
  Anubis-7.0-Builder/BouncyCastle.Crypto.dll
- Size
  
  2.3MB
- MD5
  
  adde6711b8d4f52d6199a2736bf33cc9
- SHA1
  
  2270db04c9e329b9b2654cb081fbe8db766968e3
- SHA256
  
  4a291236c5017bfdfb30fad4c3db4d0614c362c4b53409c610b12d483d7b26e6
- SHA512
  
  52dbc04e56bea9ce78033df1cd6e036a1fdfe20336d7ec6cff4f3f25b6139612795caa8a7cd46145508c7c97ff8048b1da1b46f7610138af83e13e464d019c34
- SSDEEP
  
  49152:xZHQnpArNOBL8DIUTRUuyaJlGMt1hkOVsoukUb3:3rNOBwk6RU8l
Score

1^/10
behavioral1
- Target
  
  Anubis-7.0-Builder/Google.Protobuf.dll
- Size
  
  291KB
- MD5
  
  b24ebdecd6839e66c79da958e371765f
- SHA1
  
  a1a9bccc6e181d401649271b7f36bc05dedb7f32
- SHA256
  
  b6608721afec65fc5f6d130be15f7c38dc376899fbded42896c77911a89e8d13
- SHA512
  
  3b3ef40d25026da0076742e30cc2fe61e28f3be4c5861f78de0ed082f2c60749d05f5023c9f7c3fdcb98e4444f21055825fffca20e1df5cdd3c7b0a3b39238a6
- SSDEEP
  
  6144:exss6URXybyQW3QrjBHJ6JqVG7zbqqPy:ibMyVOTNw7
Score

1^/10
behavioral2
- Target
  
  Anubis-7.0-Builder/K4os.Compression.LZ4.Streams.dll
- Size
  
  17KB
- MD5
  
  a8446c4cfd2eaa49b056376b9460d931
- SHA1
  
  f6f53fd47508fd8bb2b5e8e091d307965e61b844
- SHA256
  
  3b809f22b10869a3f741ee3986adf6bb256a2c8b1fdeae957b09c6430095313c
- SHA512
  
  77f34ac82868713452d4d6b1eb605163f478a6666271c2e73f5a094acbcf1734b0864c831a9bf259b792fe25adc5be04141a28b5e8d9c9c3998f55134460d583
- SSDEEP
  
  384:Mc4lHeDZFGF3IKKqrTKKKKwdKKKKKq5o+s9dJM5Em+rCtAWo:Ql+3GF3IKKqrTKKKKwdKKKKKq5o+smEp
Score

1^/10
behavioral3
- Target
  
  Anubis-7.0-Builder/K4os.Compression.LZ4.dll
- Size
  
  39KB
- MD5
  
  1d21ff46f0849e4c07ea6989a1155055
- SHA1
  
  2fa2e55911694b40358e4403725709e9ee7c53b8
- SHA256
  
  99aabff56e621c0bc1d6d0781cc99c710013448ef2a4947aa702cc07c049c87f
- SHA512
  
  276c3e4dae8a20822a1198a50d8edf2a2acd33d7fa1391873424e9646b0aa9dc92ebb99fd27d53b81b226917b1db129bbaccffab4d8e9d75b952100565d8d22d
- SSDEEP
  
  768:b0qcqydv0Y4xEaHS7hLZkKJwAT6z8T3u8d7erO25NzY0Mmig16SXDy:gqcz8KQkLvJtT6g3Rd7erlF6SG
Score

1^/10
behavioral4
- Target
  
  Anubis-7.0-Builder/K4os.Hash.xxHash.dll
- Size
  
  12KB
- MD5
  
  d8d7f03fcdd83a624cae87934898c4e6
- SHA1
  
  007818d6c7b0b7334c70bc6ed160d05b8a64f609
- SHA256
  
  f5a64baeb074ee45741657d3b3defc560ce3b080e260c838f209279ca88ff82c
- SHA512
  
  084c5db87380860f386c9f65831eefadab622414d6a9a0d243cbd16e7c357cb17340976e0c6291130bfc7bd97a6ea1cd5ab5bfc569896c7a717b71de87e05f50
- SSDEEP
  
  192:4JBljPRg+UhziaScD8WgM7pAZtl4rfnBlThwqxv8gYVYAKcgWu:QljZ2juWgTflwfnXlwq5eVEWu
Score

1^/10
behavioral5
- Target
  
  Anubis-7.0-Builder/MySql.Data.dll
- Size
  
  1.6MB
- MD5
  
  fbef6cd73df425320a5c9c1398c83ebf
- SHA1
  
  5d140506522e9bbf2ecf1571bce6e3241d7e119d
- SHA256
  
  e4a15630567a039fea3952ba5deeb7a892cc7d9846abbad90bc8b2bc27fc0c58
- SHA512
  
  881501d3c03d3d435bf3b6c8c28efa48c12cc15c3dd720a4540a4775c196dada2b6e4aa806cfdf38b03ee582598978ba7c0ec6649cfa8339b3b74e6e2b12d7c1
- SSDEEP
  
  49152:NQ1atX6D7vhNCB1zhubakT7TP3x8/Wb9:NECX6/Tb/Hi
Score

1^/10
behavioral6
- Target
  
  Anubis-7.0-Builder/Newtonsoft.Json.dll
- Size
  
  4.0MB
- MD5
  
  d3b903eb14ab6431303d317d032b5996
- SHA1
  
  e7f9df4748e584b172ee7fad01a48ccaf2d9f375
- SHA256
  
  03f866479936317f16f479f846c6fb60bccfb954ee2d3fa07c5378fc28c03eac
- SHA512
  
  fe497fb5ed145e14b654b7a92b57faf3e46a58c9902a9627ea08fc7f2bafc25683c79267d63ab5421fc9741cdc4c0ca78fa0955341867db13386631b6e738458
- SSDEEP
  
  12288:3b0ZbEm26JrvYehtn2N1x+ggGZZRBqfBzjG:L0ZE6Z4Zb0fBzjG
Score

1^/10
behavioral7
- Target
  
  Anubis-7.0-Builder/Renci.SshNet.dll
- Size
  
  413KB
- MD5
  
  2fd9f99d4994d428e8bf93e9eb02ded6
- SHA1
  
  04fa05a8ad248cd5a151368454ae821e05fc9433
- SHA256
  
  f6315ed146438f7702033681043f8fe9690ed39a2abc9a192246424944a3a27a
- SHA512
  
  b5f551b9dc134a82f84b1b800e61854f8d79da44751b164b1836930fc9de1d1a4161e9b05ab69c46bb78fecf87e6708db4599864d6d4ab80a1b7226e2cedfc87
- SSDEEP
  
  6144:fz/9FXMZ9XUe2CrVGTAlHkNfO0XTG6kjNNgpOgC7F42U2sZZUQNPcc8DnsxU+/c0:RNgUaVGTAgfbS5wOFWSi
Score

1^/10
behavioral8
- Target
  
  Anubis-7.0-Builder/System.Buffers.dll
- Size
  
  27KB
- MD5
  
  775985a0b99bd5b2cf3d231a279660ce
- SHA1
  
  6344d49036f0675a7c3c4fe85a6884a52c05d3d1
- SHA256
  
  e0dfe400d224dbbe40f22f6c66b995ffc350f4105f57fb587d9c59e911d912be
- SHA512
  
  3b94d3f56a2b3c97cbbe8209efc692219fdff7d223dbe3faf0b23a47a39a8f1de0ae9105a496b34017ee02d8101d57df0e325c313c692bf1d66013fdca4c406f
- SSDEEP
  
  384:VO/fjRwUI/KxyVvK+6hG6ksWYYWmDRFm0GftpBjSraQHRN70fylDiK/:Vq1MjVlKwDnViwrL08D
Score

1^/10
behavioral9
- Target
  
  Anubis-7.0-Builder/System.Memory.dll
- Size
  
  137KB
- MD5
  
  6fb95a357a3f7e88ade5c1629e2801f8
- SHA1
  
  19bf79600b716523b5317b9a7b68760ae5d55741
- SHA256
  
  8e76318e8b06692abf7dab1169d27d15557f7f0a34d36af6463eff0fe21213c7
- SHA512
  
  293d8c709bc68d2c980a0df423741ce06d05ff757077e63986d34cb6459f9623a024d12ef35a280f50d3d516d98abe193213b9ca71bfde2a9fe8753b1a6de2f0
- SSDEEP
  
  3072:IUGrszKKLBFa9DvrJGeesIf3afNs2AldfI:jBFd3/aFs2
Score

1^/10
behavioral10
- Target
  
  Anubis-7.0-Builder/System.Numerics.Vectors.dll
- Size
  
  113KB
- MD5
  
  aaa2cbf14e06e9d3586d8a4ed455db33
- SHA1
  
  3d216458740ad5cb05bc5f7c3491cde44a1e5df0
- SHA256
  
  1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
- SHA512
  
  0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
- SSDEEP
  
  1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score

1^/10
behavioral11
- Target
  
  Anubis-7.0-Builder/System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  22KB
- MD5
  
  3b50c8ed5651dc2e5255e3f9d25c824b
- SHA1
  
  83818760f5766488f4e917a03b22db9cf2afb161
- SHA256
  
  d5b5be62ebbeaeb2f92eeeef2fa48d87b2db33d041c609f3507ec34364305cc5
- SHA512
  
  377bcca8d76ae57a58252401afb2db8dee3784b1cff0355ba9d39ed8698de09caea645fbc6533c86d59ce69b7d88733380ff00a0cc74188badbeb27b2b0e2974
- SSDEEP
  
  384:0FLGOPdWW1YWxvmPrF0GftpBj9Ho7c4HRN7GElLg:0FLbfzG+ibI7BGp
Score

1^/10
behavioral12
- Target
  
  Anubis-7.0-Builder/Ubiety.Dns.Core.dll
- Size
  
  57KB
- MD5
  
  69e606497488d80336a8bf253c1732b8
- SHA1
  
  c784f75c470441ce3f0efdbd1e72c9c4edb80c58
- SHA256
  
  bdb96acd9124f79b24a7b47ac50c7ef86f4a4ce9a476cfb0d3a7443737874b89
- SHA512
  
  92de8ae653c1c7dcc3cbd663fcb8fab035bc9246b3eecaacfa88e72560f5c5b9df276a2dce8d33514c3c7370157ef72c2359753c6ca52f065ff4217d195703c1
- SSDEEP
  
  768:4W/dICFhNF5QQ+QoYYYYYhiYYYYYhI6WjWKPlO/Q2fUfrxXtxv1z9qeMirn:4WqCNF2Q+L6WjWKPYQ5xTlQeb
Score

1^/10
behavioral13
- Target
  
  Anubis-7.0-Builder/WH - Anubis 7.0 Builder Cracked.exe
- Size
  
  27.5MB
- MD5
  
  dc653a083846aad5f804caecca06a8ff
- SHA1
  
  33872e46d5b3b059134c67ccb6d0487d988784f2
- SHA256
  
  e634cd8bb70c73d441b6a6de301d4122942c825d13b5534fd5a5fead4665defe
- SHA512
  
  150c57cb6a068a281f8be93fac88b4d2d1e18ca87c243980be0c73b8b6b710ba25f8f4581194ad2e4e4697542106703969a2b6a3c3da06b019c56979a6fef063
- SSDEEP
  
  786432:Bf9UwcAh33U1XKfH9JweDyDr+OwDwkVsaeq:8SU1a9JjDmSfMssi
Score

1^/10
behavioral14
- Target
  
  Anubis-7.0-Builder/data/7z.exe
- Size
  
  574KB
- MD5
  
  42badc1d2f03a8b1e4875740d3d49336
- SHA1
  
  cee178da1fb05f99af7a3547093122893bd1eb46
- SHA256
  
  c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf
- SHA512
  
  6bc519a7368ee6bd8c8f69f2d634dd18799b4ca31fbc284d2580ba625f3a88b6a52d2bc17bea0e75e63ca11c10356c47ee00c2c500294abcb5141424fc5dc71c
- SSDEEP
  
  12288:myyKdVnyNhXCV4EkP7AIfzNXZ0b5NrnkcAqIV0A1caRI:mKvyNhXCV4E8BXAfrnkcAqU0A
Score

1^/10
behavioral15
- Target
  
  Anubis-7.0-Builder/data/apksigner.jar
- Size
  
  430KB
- MD5
  
  c78ac512210b4739f4172329acd91728
- SHA1
  
  94345b9b7b483e642b5c5cdb4cc154f4f95c5f4f
- SHA256
  
  20f5a8a250403a96e87d89149a63dade1a8707014ee952704922a7769939be13
- SHA512
  
  800227a02fbd51039dfbd3039b76c41a00c756773ed9e24695f01718f5f1cdfdadc2876cf41c0fa82e18a3b37d66ec15b806c58441ad7f61c6bb5d8346342aa2
- SSDEEP
  
  12288:AZoQubj1nV6XjMYtEPGXhbYVk0NjrYCXu8nIMv:AOQuFsXj1y4huqCe8l
Score

1^/10
behavioral16
- Target
  
  Anubis-7.0-Builder/data/apktool.jar
- Size
  
  18.4MB
- MD5
  
  4958ad93cba461f084a47d5626e2d486
- SHA1
  
  b565ec52cff5b8a63c931f6fe7d20f327ad85b94
- SHA256
  
  b392d7cb99b592e9c5acc3c06f1b0f180edde96c66b86b3d6932b7c0c4079fe4
- SHA512
  
  40010672cca6df6d13763d371ede6c2b5d1a018242235fe727ca2aa561c6a92b99f08f97e4195ad76b13124521e24a49e450a653d78ad0bac693fb56e7d27b50
- SSDEEP
  
  393216:NJNnEHyJ7Hi74sGmM0evlgRdnEBwBKGl464GYkx+ZuUV++gKBcRP2r1R2htCzPGN:NJNEMG74eMVAmw0k4wYkxMfg8cROktE4
Score

1^/10
behavioral17
- Target
  
  Anubis-7.0-Builder/temp/Dstub.apk
- Size
  
  167KB
- MD5
  
  0873cde3656ccbe98d6f4b5f37ebeca1
- SHA1
  
  44bb39d7ec563bd9b436dadada4e057812779ede
- SHA256
  
  64ce0337d0e0dfffaee1be83bd374abf0fe78aca4a1fd92acbeb98ae3eccf4d8
- SHA512
  
  4feafcd158a130a7cd129ce003cf5155ece131f6fddbf51fd66d8a2cf51f4d0bae4354674631a46bb60ed8d3f42b94c8b2ce997f4c27efd007b2de21a2b5dfd1
- SSDEEP
  
  3072:zt5rtGu6GxcM5Y5FxCxMXMJghQN3K4XmBsHYa5raEnTWVZ+XxB:RltN6p6oxXMJghO3KXs4aVrTWVZ+Xn
Score

3^/10
behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18