Overview

overview

10

Static

static

6

5a5dc0af9f...3a.apk

android-9-x86

10

5a5dc0af9f...3a.apk

android-10-x64

1

5a5dc0af9f...3a.apk

android-11-x64

10

Analysis

  • max time kernel
    179s
  • max time network
    187s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    06-08-2024 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a5dc0af9f9312675e6274234a2b9e63b84230b6f0038a18fd236b48ef1fb63a.apk

  • Size

    4.3MB

  • MD5

    3a5fe8094209f0245c108b22bdc355c7

  • SHA1

    5f173c587bf3b9dc31718237e0b20a653bc605a7

  • SHA256

    5a5dc0af9f9312675e6274234a2b9e63b84230b6f0038a18fd236b48ef1fb63a

  • SHA512

    9d8c75f3ae44dd9c2f321114285aa9691aca237a71a43aa5c02ae7e1f0caaf2b9b9f7c592042e1b8e61b40b1fcabf9ec4ac354fc97a8e75b399a8a0bc43af86d

  • SSDEEP

    98304:J1EXdbqc96480w72bD2mrUxDELEz9lR9FLNBRhfrG7J:J8+261f9SUxcEt9FLNBz+

Score
10/10
anubisbankercollectioncredential_accessdiscoveryevasionexecutioninfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

anubis

C2

https://google.com

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Schedules tasks to execute at a specified time
    PID:4508

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

1
T1407

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Network Configuration Discovery

3
T1422

System Network Connections Discovery

2
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.mm/app_mph_dex/classes.dex
    Filesize

    7.8MB

    MD5

    f8139cd0fe2c145552a513fb07bc0fca

    SHA1

    c59a997f9f3551ec1e24fa804a12e64f032a66a2

    SHA256

    33faf000c66badfd5f98cc26e49589b7d2908754c0c9bd48ac2bf6b5818831a7

    SHA512

    face134d5f12f101b4cdb5ef9b37750aebc17fd619c48aa220b10cb6987fe187f6e60d1489effafbb37257b16737be3c41bf2417e9bc64b23aa0802395a13e39

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname
    Filesize

    32KB

    MD5

    1854505a3f6d683ed7eb81612934370c

    SHA1

    4f710add9a652d2fb92b7ce45589e27bf03f0b2a

    SHA256

    8100330a266f3027b929ea1bde99440ce4a544c9d9a0abb2ef0d1a73aa4cd9a4

    SHA512

    104a6e9c840b1fddd22ae579624a549c911abfbb48dc4454d3d231619c41a9abbf22f0dc5362a80c8c8245cc18566661f3645ac48c61259132886d4bf4678962

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    8aa2f05d977718fa502242ef61322737

    SHA1

    9af1cdbd327531c810d9533c2c65d111f8666ad7

    SHA256

    d8acd036be70219e7c7a86f02a32b7b77a6e78ddb2c9d899d1fc18ab5b4d24c2

    SHA512

    fc90c007d1e0366a252961b07f249d9b5066517443301cf751438671d38b261f6c03e588fa9ad4a72e51d15dc5b8e60d9796bf41e8d5656a583e0e5873ed5e2c

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    d50f6f62cd67136fd1b1b43c02dfc918

    SHA1

    e35ac7acda083f0dbfd469e3b91fb48e59300de4

    SHA256

    ed7deb64a51b36bbbbb2d06951a4f409541d48f566295651df427721460384a4

    SHA512

    a8d89b4c10372adfd05c1bd5b9cbcbbb3c98fe1cfbad86c5da5c47adb3b4f93912a8a823b630dc476e31e008d5416c8456a73ab76bbfdb6586913ab34d25832c

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    e09180f8b3d0e8e8240013a17116f82a

    SHA1

    dae60246cfc867be02393754c34e2722adf0c108

    SHA256

    90c24fd492a56414f2a077abf102756ab00f025636d04dd5c395c8522e6b3ae3

    SHA512

    85763e38db14929acd541257f7ad281e059c4f6e62b17fd51e57ff58b0c8fc9b11b0702da18aca19eb5fc7c19d5cea532ac945e34523c56903040e05a2a789e6

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    9387ce44feb4f5054843348b467d6ed5

    SHA1

    2e2aba0477d83d5eb5179571c4546da7ec2da481

    SHA256

    bc8ff331f376e6a6d2735471493d39159021eac65c33e66849c592699f36fc12

    SHA512

    f36448d2ae87582a73a4adcbf994c6f45bc76de74524cb0be7aad19c437be66c1ccd69d847980ff429cb887ec0c79aea7160a432a0e24294a5a6bddbc3d4b55e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    96161b5fa256ab47158252d50ea34f02

    SHA1

    c7913abab4fe787536157d4c12be48a426cf3a01

    SHA256

    0e3e5fb41cfee6270952c9dd49646bec5f552573aaf2ab9617288b23358db904

    SHA512

    5d2d85436c259cf4564c890c218c763135301f5da075d9953824a7162ac67f28eb7481668317373ae69fa04387346a83696f0286e756e6254421aa42ab794535

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    ef18dac1e844188804e516d31b4496b0

    SHA1

    094f1f532a3b591fd4a5295eb891c28c45b143c1

    SHA256

    4e6f926f9e9a31256b6b14b0a7d2c698559e353d383ecd108600bcd4d0de5119

    SHA512

    85f5a7d84546bd2dd18f9f3f32d2d13c5be2e4496d0f365052486e8ac4cdca2c547df31e2a7f313763ae491fcac99bfa5f9b02cc5b57147b79a40cf0381e0f63

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    ffe18465370522b19b38d36ec6303d3b

    SHA1

    0c0c319c3fe65625025c318607326efb1080a3ef

    SHA256

    bd033a6d4808d08bc9bc6aeada35f95e2819162164bfeaf3529ec1a7e7e489b4

    SHA512

    d79ab8b56fdf318b2f9c95e944bb2a7efcf753a83534a8b373620038b42351ad4a7726094b0a66b6ffc212dab9a6a0702e934b9dfdc4c2802d2cd209347dee51

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    7c8cd6c86feaccb8aa81f5ca324d4337

    SHA1

    a3f40b8ada9d1c16e4f51175f4654aed1b59ef45

    SHA256

    a5b60c2cf526b4966d6195de7c4e15b61afbf1a38d8d82367dd224032e044157

    SHA512

    9ae281d87d9a8db3168892dcda000aa2e6d17f0f546ccb06dcc208aa2209ca6975dfa190684c3b1190276bcd201794023b56c3bef5a8f1b0ea3647498f63d120

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    1abb8910e94528858cfb761151934bc2

    SHA1

    40f7de4cc33adaed736291eba4540f7876180850

    SHA256

    d6db0244773db5ed3071aaa065184966b5c6779656a324b9349f335a194315bf

    SHA512

    71b52ac98884424ebed9ee1b36bcfe824c92bf3614f053c238f8b4dc41ec92b5762aaf4d3ec67928b824ba0da59cba9da5c5d5bcb6a2e46324b4960892dc95a5

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    4635b21aed254487610f39923726b6f1

    SHA1

    d558f8271b911da18b886b1d2dff73c980b398be

    SHA256

    71a5f423a565e9de2f9261dd0290d948980cf51062ac628bd18126ba55e42dc4

    SHA512

    7bfdb7996c6d7c032c5a518297aab61099ea75e9142e7de1a835f62c6c939be1153fb0eab4ffc9ecf5a5311d33b4cd733aab95441fa2f369f4dd4df09d7746d9

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    f3bb2d6f2b85e1dc2f588b2cb4b4660a

    SHA1

    c2c35d939875ff6c7a1a41415269a022eae34285

    SHA256

    2f85ba18f39f6cc30291a6ca15365750024da46d364710dbb4ddf7066d93397c

    SHA512

    61d9ed69db65d7bc79014b2848448a1eebc42701055aea8124ae3cc4d826cdc9cf6674bca4f133379aefdcc3c535b47483bc76c6ab61945d00e9e07360ec79fe

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    bf1ad06e7b7ee80931ca9dd8e20dc934

    SHA1

    e4d07725e2e294b14c1dd11a7ef3eacdea2bc206

    SHA256

    a170062cf751a190b60d8b06c970382f937eb66213e298295e0b4c5da389efee

    SHA512

    4ef7fe5d9d6dc3437ec72913ebccca68664507b4362e627e71eec2168f3893f852d79ed0f5745e91a4a34db486e77f5a895679c57a25891d9273b43b8cb1cca2

    Download Submit

  • /data/user/0/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    0dd2b508096bd5c9a1d8d3bc6b9299bd

    SHA1

    304483a10a95a5c78fb792255d192f6bc5b0e4cd

    SHA256

    0ac4ebfe55505fabb69c61517ee19aa03c4dd106755e89e0d98d5c195a760fec

    SHA512

    69bd317ae8c07779b4cf9660ddcb4b8d7bcaf9def3c908a4730162c490d1aef6b0643bf5ba4e000a4414eb635c64bb838744307ef64674e1c1d53159c42ffc10

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    1936835b08137872f71b6a16ada8f72a

    SHA1

    dea2104c8039ff3cb7f6650bf76d0770eca7e7c4

    SHA256

    bde551ce1b023e52bd8bad7e8dcde923a39740e57d35c28be6b5f2bdacf28e4c

    SHA512

    cb16861f0898235d8604248544fb5004384bf016f14db2a592290069ec6c90956eaff89babb2caca8e35a2fa94d2a1eb4050f2253ba3c6d6dd7cf3a394a2f12f

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    bc7e7117015a9586a7cdeeeb726c7ef0

    SHA1

    6e3ccc1c7a07b7530bd3bfccf2c69e6f856106d3

    SHA256

    1ab2feac460b72ac123318b430a73b69f7a33788419138c5ffa7a197d8a244eb

    SHA512

    3496e9b2e0677d77d73a692c0b0b99788e1c8a80f043ba5b5bdb19d678d872cb060b8568239c73b8c84e501746a9a6e2e83277a51f81bd4230deab458fc79e57

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    11e25ed20b6b726bde428d3355164c32

    SHA1

    3b0e34b6576d036a9ff9ebe380039851447c7a26

    SHA256

    c9fca9d1b78b6c6e801972c5c400870db240701477c313ccd06f8cef4c16bc6e

    SHA512

    958035a0df7a98e18b909216e4d98f194d8c30686bd2216f8227baa087aeb2dbdb9958d853a03a4b1683e75dc83053ed1973b2e4962d74668b03ad1e23537e91

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    25fae719490a9014ac36b65af1217749

    SHA1

    ff6aeaf02a38fdb548e14f63cc990fb790b6260b

    SHA256

    8586ce64aa6f5e822a858fdbfc66a9326856301e8014afbf62d993bf31d6fb42

    SHA512

    c5bdead46237d13b5b88856884d1f9faaf81768737f67e3490ec302b5769eb6f6526d2bf9b57e90877271147b9993b4b6780a898e2fb50f97a7e009b5f504566

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    ff7e682dc5de109dd2eb9ed412f2fe68

    SHA1

    62aebffc542f5900dbce11c2678afa37fcdfb240

    SHA256

    b5f20fc596b8bf30f3d9b9a770ed863feb7f81e46822696fdd0aac859765290d

    SHA512

    9ba1ec3cd49665b22caa5938a0f46c82b24508be66f888ce4de09a226bae7fb58c9ce086c47555ea9328d908342ab1fb0b870ba2f6a8a08fd1b6e4b5a1700f73

    Download Submit

  • /data/user/0/com.tencent.mm/files/Tree.txt
    Filesize

    566B

    MD5

    e0b8ce99c08a6bd9892766a7b285f9b8

    SHA1

    a396b9c4f5858329187b200cbf3b7d2ed494b51b

    SHA256

    78398859251a3b3e28fa6224f716d39c2ae4ba66166c99c56d5632846aabef2a

    SHA512

    897b8acd4aeecf58dbd9d1357a85500c7fcce8ab494dd1d80ab72bd77577e9af0ed63549d6fbca6d511da935b7f646d019ba8a364156d56f8b54cd361c973b97

    Download Submit

  • /data/user/0/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    8866e6ee42b1b49600874c015c7e0e75

    SHA1

    792dd0c515ff004c2479fc64c96b13660f586e77

    SHA256

    9d97b02b3f090c13c2ff4e46bf3ea0d8a1a9fe97e6fda180b9e7bccb3186d8e8

    SHA512

    b9c9516341d5730a875ae48c7a4b994dafc22451998df8082f80fec8e208e43dea337c85226b08a0af4c9d969ef39d2d9115a275ad397f291824f61d216534dd

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    afb920b162cb30a3a326ba1814e21847

    SHA1

    9da6ae5bf799b35c0521ad13493793489d113c6a

    SHA256

    336b70268e7e358ae2a5f54cdd952f4305f735cd755860e76603b6160eb0ad0f

    SHA512

    0493143381af0d151296e29958adb5d4d75868c1be3d66185e3087b3ead6d0bd83816a1d05cfae43addc739a132e5b44849df132eb97e35e463788c7367bd126

    Download Submit

  • /data/user/0/com.tencent.mm/files/pkinfo.txt
    Filesize

    10KB

    MD5

    df036b93426f886d1696210079b94938

    SHA1

    b593b3806d3d85257511959992013f6a4f543011

    SHA256

    6d9bb455edd9154e310a777aad0dde552ff995134e2321933a0365f9112c3912

    SHA512

    0d7eb6c0e5378a362a4bbebbc09f291080975c8ece8473d28c9cc9ec5b4a138f2fe19b09bc5d44cf17ec66a4f59dadb1de59ac8286cdc10a461e46491da01e29

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt
    Filesize

    12B

    MD5

    e48057c3603c907cacbe1568a7dbfc41

    SHA1

    6e100086b53e20e499a9be069aa1b452faf82ba3

    SHA256

    4b36685dbf772b2de007f4c98f824966f4f3a132075692d3d3d8f11e84e5468e

    SHA512

    787e1140832e8c308039f0287ee801c00040544d5241425b0c0c8e8dc19ecf3feefa50706723f7a21be209c13b24ab3dbe0691ec42118fdfe18611b13155fb9a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt
    Filesize

    56B

    MD5

    5875f4fe2a4b68e19f5f6e071fd6fc6b

    SHA1

    fe1a887f8ef6066bc30970ee9c48e0846865b9b1

    SHA256

    4d36c3e00ee88cecd60d502af8fe1caf72cd0ca0cac7b4c61e88c78439c66377

    SHA512

    eaec72ffcfe83f33b0522bcba628c25495711812c940c8dc97b8a1b2f406478acfd1d0dd67ec6ad46511350a48816e1a7362e535e75d946c836c0e97f87bc19f

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit