anubis | 3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7 | Triage

Submit
Reports

Overview

overview

Static

static

6

3f88a73cc3...a7.apk

android-9-x86

3f88a73cc3...a7.apk

android-10-x64

3f88a73cc3...a7.apk

android-11-x64

Sharing

General

Target

3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7.bin
Size

442KB
Sample

240222-1x98asff3y
MD5

4103c004914e83e81daab5d02d5c6cdd
SHA1

6ee782e3a524d2cb16fef485da2ff96939dd1705
SHA256

3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7
SHA512

aaa0003600860ac9cf8e097e24ac85a455b21d588cd5119154f973e4f79ba1c3a5ac334d988c329b67ac32ea08ad2e7bb8850772671bc80d423e27b3fa9795f4
SSDEEP

6144:RTomipFaxl2ZkyY47C+uDHJFhZxok7KANesOQwT7gTnEJD0VilSIKexXSFuauAvm:RUmipFayvu+uDpnN1N6Q+DliFuauAvDq

Score

10^/10

anubis android banker collection evasion infostealer stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7.apk

Resource

android-x86-arm-20240221-en

anubis banker collection evasion infostealer stealth trojan

android-9-x86

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7.apk

Resource

android-x64-20240221-en

anubis banker collection evasion infostealer stealth trojan

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7.apk

Resource

android-x64-arm64-20240221-en

anubis banker collection evasion infostealer stealth trojan

android-11-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

anubis

C2

https://qzwrxetcryvtubynumnuybtvrcewsdcfv.com

Targets

- Target
  
  3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7.bin
- Size
  
  442KB
- MD5
  
  4103c004914e83e81daab5d02d5c6cdd
- SHA1
  
  6ee782e3a524d2cb16fef485da2ff96939dd1705
- SHA256
  
  3f88a73cc371fabeb7373b908f1bf1a673ae318bfcbdb73ff5f625fb9d64a1a7
- SHA512
  
  aaa0003600860ac9cf8e097e24ac85a455b21d588cd5119154f973e4f79ba1c3a5ac334d988c329b67ac32ea08ad2e7bb8850772671bc80d423e27b3fa9795f4
- SSDEEP
  
  6144:RTomipFaxl2ZkyY47C+uDHJFhZxok7KANesOQwT7gTnEJD0VilSIKexXSFuauAvm:RUmipFayvu+uDpnN1N6Q+DliFuauAvDq
Score

10^/10

anubis banker collection evasion infostealer stealth trojan
- Anubis banker
  Android banker that uses overlays.
  banker trojan infostealer anubis
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

anubisbankercollectionevasioninfostealerstealthtrojan

behavioral2

anubisbankercollectionevasioninfostealerstealthtrojan

behavioral3

anubisbankercollectionevasioninfostealerstealthtrojan

© 2018-2024

Terms | Privacy