wocwvy.czyxoxmbauu.slsa.ncec.myvbo
android.intent.action.MAIN
wocwvy.czyxoxmbauu.slsa.opzsdswiddt
android.intent.action.SEND
android.intent.action.SENDTO
General
-
Target
9ae165e1898e2ec65bc00e93bb661841
-
Size
275KB
-
MD5
9ae165e1898e2ec65bc00e93bb661841
-
SHA1
de1dc24dfee99d7a47a85a4d8eec3bae5d54ccdf
-
SHA256
6dce1166816902c341774611eab3c7b3ace9df9c9e9f12fb5dc8516123e4c8a3
-
SHA512
889248e794e9baef82a774cf1040fa8dc4d64f79124fd15764506147303f916cda842840e3fd94c22d27d83ed37485d31e85ca092c9e1ff00a73456e7c4d3eb0
-
SSDEEP
6144:f00INxN+NYN+NONmN3s2WEL3bYV6GqHaDMz:fVNPWhu4Mz
Score
10/10
Malware Config
Extracted
Family
anubis
C2
http://anubis.darinkalovee.had.su
Signatures
-
Anubis family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 12 IoCs
Files
-
9ae165e1898e2ec65bc00e93bb661841
wocwvy.czyxoxmbauu.slsa
wocwvy.czyxoxmbauu.slsa.ncec.myvbo
Android Permissions
9ae165e1898e2ec65bc00e93bb661841
Permissions
android.permission.ACCESS_FINE_LOCATION
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.PACKAGE_USAGE_STATS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.CALL_PHONE
android.permission.INTERNET
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.READ_CONTACTS
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS