Overview

overview

10

Static

static

6

52f0364495...58.apk

android-9-x86

10

52f0364495...58.apk

android-10-x64

1

52f0364495...58.apk

android-11-x64

10

Analysis

  • max time kernel
    179s
  • max time network
    189s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    07-08-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    52f03644950eb5ec39f4fdcf7384dad0b84dc5dc75d4c225a6822a3b647c2a58.apk

  • Size

    4.3MB

  • MD5

    735cba76a1319715acdf7385a0186f64

  • SHA1

    e4cb87c15fe7070e3898b537916ab3b904e03d40

  • SHA256

    52f03644950eb5ec39f4fdcf7384dad0b84dc5dc75d4c225a6822a3b647c2a58

  • SHA512

    d70f33fdb3184ffecb3c1b0f090e20b5b275fded4efd4386454a8cfd94ed6d359f50301658f82bc0bd4eeecd3b15db0ddb4a5c3b91564993c001a0d66df33d69

  • SSDEEP

    98304:h9Eh3VRT6zJ+UUosOmFH+cRwY34wRrG7O:h+BUYFHgIBB

Score
10/10
anubisbankercollectioncredential_accessdiscoveryevasionexecutioninfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

anubis

C2

https://google.com

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Schedules tasks to execute at a specified time
    PID:4607

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

1
T1407

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Network Configuration Discovery

3
T1422

System Network Connections Discovery

2
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.mm/app_mph_dex/classes.dex
    Filesize

    7.8MB

    MD5

    052892819885e86c1833e086f8aa97a6

    SHA1

    579d1f18ba1a0f6720e8afeb4edf9f489a46cd50

    SHA256

    707cf6199c00291766834e1535ec7e6676c62094dfde1905bb395bf5c6dcd3a6

    SHA512

    38bbd94641c974c38fed1ec82cedc9523ee8bc3fe8f90ababa2420a3902687bd01b91df579e82e9f47421302f888655018c7c9c0ae9f67f5e5442844d0482875

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname
    Filesize

    32KB

    MD5

    1854505a3f6d683ed7eb81612934370c

    SHA1

    4f710add9a652d2fb92b7ce45589e27bf03f0b2a

    SHA256

    8100330a266f3027b929ea1bde99440ce4a544c9d9a0abb2ef0d1a73aa4cd9a4

    SHA512

    104a6e9c840b1fddd22ae579624a549c911abfbb48dc4454d3d231619c41a9abbf22f0dc5362a80c8c8245cc18566661f3645ac48c61259132886d4bf4678962

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    eaf2951fe0b084d6376d2ba049049ef3

    SHA1

    353038ae4e5d69e038280826ce68b9a2e30068d9

    SHA256

    e3fe4d669c725e4df6d262455c9ef0757a9712c07cb89da28f5ec468ed86cbe5

    SHA512

    05981af0ae2e7649e8c440785b7b87191d9c96b5d8d630f48aced90af669aa60b4961f62e9d989abc5ca5f32689689b220dbd4239c8ef7af0a658afff474d4c0

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    9e4a91713e02e93270427fdbd162cbd7

    SHA1

    ad8b209c43bc59aa6ca4a3ef09806f57cd46fa30

    SHA256

    6a09782846ce9f98be0149601633737b0548028645cdabf1e2a0e1d26991fac1

    SHA512

    611d089977cafc63ae38dcd439d96a57edadca37928e78b940565b5ae18c5fadbc8d0575ba8a78cff3be538081853086236767069b482cc2f470e750e8f33b44

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    be107c7194f8d06f4ca7c60030c80fd9

    SHA1

    1f9f19f5e0c30b2e6bb66061126a942718d43377

    SHA256

    39a29670830f1aef05e6a049821d9411ca40f552111bb87cc9fa0b4e2d392bff

    SHA512

    88a74ca7fc8be4dde9a4639004279825e9f9d8f19eeff5f1c7a788fefdb213e9591b4c145fd68d9e849edc70f914614f2de6c74750f1a520cb3286d8402fbbf2

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    b4e2141572c93a40138e9e5c37cc0493

    SHA1

    6cf75c7ada41d8dfd45c6d67181e8da1a9fb6f82

    SHA256

    3fc9017bea9c5953f3a6119b74a1996fb3e057e1e1c89fb572d493c65e0acee6

    SHA512

    487e2d6d7587f467f9ed3f66ee8a7ca31161ed8fc7c6f03e9f8d6f40072b6b540cc471a1e669db0232e792376c0c2021270f4d27de503ee4c5e00526df8f95be

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    d04a4a812ac3d8db0262a8fa61fc5e40

    SHA1

    026e73e8da258f9d53d4e4e01b231c79bbad6bc3

    SHA256

    3ac316341dbdad8101aae95c920854063ea0ed97c456deb92786267021866ac6

    SHA512

    d20015fc800edbf213a733a566da5ef374c5a9f5879bedc406c22d62e5d8828cfdde3da7cff383980c083f1d2981a28e1ed00ac0736af4f4ca8f85e59d92460d

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    319c97f4232c60919fc7b51aa3e5ae31

    SHA1

    27b2c541d394d39b27fbb845772ebad2353293f0

    SHA256

    1fd586034457645f8aedbd926242846a8f9b92fb8bb78fb1b63e0129c607509e

    SHA512

    63e9bc94dcee4fcbf81cbc35e7ca80f01dd652bbff0432789f6797a38b758709f00f707e1e77e0c6f4ddbe3dd92bff854b1f146ecfac5524d661c75bce317e3d

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    258ca330a580f0c0aec5e83810f46175

    SHA1

    adad3490537d72b36ab5a0c78e4500a0ca9565eb

    SHA256

    1b002946204868003db138cfaddadce57dbd4fcc72d12ab672d49444f04d9d00

    SHA512

    2ce19b79a7479c9a772ee0f1331735f81757dadcaaa87e4f2b3bf13a14093b31624253db58ae947749b279f9a75dad5665ed99fecdb0ce0e546d82e98cfb66b6

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    5e86973f9021aba7a0f9c6191274ba39

    SHA1

    11a05deec8b45f056f0027d521c1e24457fc7509

    SHA256

    e4ba64a09848c4cc1234707616a483fa1e634afaaceec4579186d9c357faa822

    SHA512

    517581e78539291476bdb0e032cb78ec6e5b2ca1f8a17fb7ba1096fb8b427f223bcf6eba076aa2e3a608dcd68de91b2a60156803a052896d4dcd2dfe0e24324e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    bd376a1a07abeadc5aaf7f5751cae7be

    SHA1

    1e9a136d8f19b9c5c1ecd9d1c1c94465f73c2e17

    SHA256

    6c7767b5f37cd87809bd51eca00c80e50f2b15f7c0e42267202b600691e02d06

    SHA512

    e823e6e54c9bf833e609d154bd0d52b8b252b05cd5834d3c20b09909d1e2fda143ab7774be2adac539a9d191e6c3b3c460766417251145419748bcf92f2eb1f3

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    62e6faf53a8a7d9ee31550fe68d086e2

    SHA1

    3aafe0997ed442f5b128c4ec183105ab3cff3d52

    SHA256

    7aadf1b2546e8046480dcb972ef25e2c12833529534ef0273405ffbe6ae119bb

    SHA512

    d38c71a5185e0052b2045d360c71e378b6d920e6e7f68550f296f67590b5a17483cbc262d7a22cf9049021d02930edd909bcaf534869c935a818974aad5b636b

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    1b85c18083b850151cc0ef4bbe401ad6

    SHA1

    e5bb24a4791a0e37c2c8fb85a8d77a3e8907881c

    SHA256

    a6cdf837b377651a905a4e8217459c5b8f763eaa5b3d4547af1aa5dc6384b7e4

    SHA512

    5486c1d824546dcb7e07e924bc3e4fafb8e5be38421ec4ffc823be8fc57005b7ab42442bf8a67ec2367333918501f24fd7dd8a6048824803936fa3246d885068

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    da6a4a2a238a976349b307655050a1b0

    SHA1

    155ea17d4a7b62cf8c88910854d594b73313172c

    SHA256

    4ef15a406e22a1bcfcba1857e72199dfaaf116a14b58da13a60fcdf899bd28cd

    SHA512

    e1532c40bd3388201d4c9dd76be59b2e4eb8f557281360cc407a1efcf6c73f49f1b4b251c94f07ab926e8cc8f8578da5e371863338950dbd45cf059920320760

    Download Submit

  • /data/user/0/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    fbb75b126c2baab55bbad45a7538e813

    SHA1

    ba42bb8c7fe929ea2c8f72132c0aa9e8c83c4766

    SHA256

    55fc41422115f0cfa453beceb7e605788bebaf479937752b40d0f545db4d24e6

    SHA512

    98121b33185c75e1dad8526cb220d5b777adf9e91e53800cec87ee78a9042874891eb355150a76bca847c577b2387c02c5f17ee080de0ca61c318589b511f9e2

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    6945a7ec4a4f33ae77ad9d9a78b78228

    SHA1

    d41a729b8190cc5096b36cfed79ee88bf7e96c42

    SHA256

    ad36ca3c9b2eafaca1969e502c7c83fd05759eff2e3d51234ad5fa6720aa95a7

    SHA512

    4f5cf51e53f2120e70ce312790bd8f6d1528a2c83cb74ea01a338f5c94f8b83be3ee2a2f9948a81a794ea7ebb72bef391f6d5a501412ed775224c6f9252f9638

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    330a0edf86c0c69e3e21740211581217

    SHA1

    13ef270b1c84f82482443ea24926e6c85e2570f3

    SHA256

    79a09290d493e506f4009941e0d69e3400abcff68ad8fda9a571b7d33cef0777

    SHA512

    7def9aa364c8257cad6f928f050441e5f88a4a37863924de8fe944d7acf7b758561fe37339205e9bda8ce012fac197f655503ad79698b9e725987fb0d728c664

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    608dc3f076da04b0ef679029e6f75e00

    SHA1

    5fc56b1a32afc8025ec5660e8af1ac73a7f3898f

    SHA256

    e564357299f9deb311fd00b629446dd2610a4f8ad056a632d033e08c242bb418

    SHA512

    8e60b6e5d3febd31991d2d842978dfa16c420390b5b7ae59163b51d32b770018d12b53aef55fbc8d6d37467a01afe649098be4cbb156ed962c8d05a006bf269e

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    faa3591a26ec27fb607cff5dd4d65d80

    SHA1

    5b6208d39056e3d6e13b4428b2a5d2c21a284097

    SHA256

    7bcac2804a65c68cd94ed4e1a93a64f1862e5749150651b4c9119ab84fcf24a3

    SHA512

    7ae38e944f3559399147656b4f66063b2eb979cfa2cc69e029ac5e912e93a7b0ac0f3ecc127f77a0551cc7c294e2ca51740de30821a28eb27355938fb0a1d521

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    86ddb6ba1305d68a29683fb622ed20bf

    SHA1

    633ea52db4336f6efeecafce79b116ff8f6a2792

    SHA256

    041fb944e565f917e4771f1ce0499b29b45bdf3416d366eb5592bc0b551b68af

    SHA512

    c25c090cdb634c6379aac55e4f64380da7adc7a6dc2349365f3bdda2a5c3cd3403ec2ef30be5b1570aa7b851ffd7bd9f0a8101d77dca9023f1c1a5dca1be9916

    Download Submit

  • /data/user/0/com.tencent.mm/files/Tree.txt
    Filesize

    566B

    MD5

    4f676fc5a123627098c376e3402c9a1b

    SHA1

    eb0add03b8b60a5f3530af1cd4ce412158efddc6

    SHA256

    d5fc5d1ba55f896032dafc1dadfec8b4f6344df94f5e53bb25e5aa58334e093b

    SHA512

    80b0927360705fc2a5a053ac6da58c558e0b9d26882bcfa79b99ada6f6f1067562baa8ecb4db81d9f19212331cbc04e36e4e14a3286004ddb8b2cb4dc2c3689d

    Download Submit

  • /data/user/0/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    24b530d0c4a0eb9076501cd9871294bc

    SHA1

    0d95ff5ae6a289f9bbada0c3f270b60bf6bbad84

    SHA256

    551ab62d7e3014145f7a3ff7e3e49847da8c5097ace540d2e5d5a28c77429e21

    SHA512

    8d804b27e6e669b2a7336e272fb9e8b46b0aff36927e9ec780e69c3bf995ab6a04ff40a32cd68f0f5f18fb897079e1a2f7994343e2e431b1e1b5bf1dd0789e14

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    0d2bdf46c905afd26c8ebec0652321bd

    SHA1

    a8906bf70683ae409387969cc8bf96761e8b5b3a

    SHA256

    6820a18f8acb787f75c1df86e73b3759263e4b17ac44a6155fa6e544291d9b86

    SHA512

    717b142b577fdeae8f54872964f86027f80644f1cff5d3de3d9818dc36ff33f13f89bd63ffb7a826ebf8273eea981bff36075732fdc00a91111720372af3704c

    Download Submit

  • /data/user/0/com.tencent.mm/files/pkinfo.txt
    Filesize

    10KB

    MD5

    df036b93426f886d1696210079b94938

    SHA1

    b593b3806d3d85257511959992013f6a4f543011

    SHA256

    6d9bb455edd9154e310a777aad0dde552ff995134e2321933a0365f9112c3912

    SHA512

    0d7eb6c0e5378a362a4bbebbc09f291080975c8ece8473d28c9cc9ec5b4a138f2fe19b09bc5d44cf17ec66a4f59dadb1de59ac8286cdc10a461e46491da01e29

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-07.txt
    Filesize

    12B

    MD5

    e48057c3603c907cacbe1568a7dbfc41

    SHA1

    6e100086b53e20e499a9be069aa1b452faf82ba3

    SHA256

    4b36685dbf772b2de007f4c98f824966f4f3a132075692d3d3d8f11e84e5468e

    SHA512

    787e1140832e8c308039f0287ee801c00040544d5241425b0c0c8e8dc19ecf3feefa50706723f7a21be209c13b24ab3dbe0691ec42118fdfe18611b13155fb9a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-07.txt
    Filesize

    56B

    MD5

    5875f4fe2a4b68e19f5f6e071fd6fc6b

    SHA1

    fe1a887f8ef6066bc30970ee9c48e0846865b9b1

    SHA256

    4d36c3e00ee88cecd60d502af8fe1caf72cd0ca0cac7b4c61e88c78439c66377

    SHA512

    eaec72ffcfe83f33b0522bcba628c25495711812c940c8dc97b8a1b2f406478acfd1d0dd67ec6ad46511350a48816e1a7362e535e75d946c836c0e97f87bc19f

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-07.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit