Overview

overview

10

Static

static

6

d2cc71f889...11.apk

android-9-x86

10

d2cc71f889...11.apk

android-10-x64

1

d2cc71f889...11.apk

android-11-x64

10

Analysis

  • max time kernel
    179s
  • max time network
    192s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    20-08-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2cc71f8892b070b6505379b5a7e4fda802a701c8c36369fadbab995f4d5a811.apk

  • Size

    4.3MB

  • MD5

    792f4385bdfde90e59c7673b141439c2

  • SHA1

    685b47a9b0224c52f7a6f94b1576a3a55a59b93f

  • SHA256

    d2cc71f8892b070b6505379b5a7e4fda802a701c8c36369fadbab995f4d5a811

  • SHA512

    43673e059244ee872484556340d6e19608dd312965de6d98d5fb8c3d82b7ce2aa29090cd77529240c369386b80a13ea9c405a6bb0dcc3db8e0c75373144028f6

  • SSDEEP

    98304:gKE8ZJcovFzt3q2LnG2QRRaxSX0pV4DB+Q56XfSxrG7v:gcZ2aFzN5L2axMoF6hU

Score
10/10
anubisbankercollectioncredential_accessdiscoveryevasionexecutioninfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

anubis

C2

https://google.com

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Schedules tasks to execute at a specified time
    PID:4447

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

1
T1407

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Network Configuration Discovery

3
T1422

System Network Connections Discovery

2
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.mm/app_mph_dex/classes.dex
    Filesize

    7.8MB

    MD5

    cf76aa9b507b66afe99c433f641b0fca

    SHA1

    87cc62d9eecd9fa93a9cc0cfa3517340ba83a6f9

    SHA256

    296ca795f754a9b936b7369767c6eb12e84533e62dc8c0d0d766f48c36bfff3f

    SHA512

    03ea7220a1e10d4e29fc65fe0100fa5db228a74b84280c0d3903e1b938a927161a46be11a5820e2cb742145f1fa941a2ba1113e24c586341c7a25c4a2dfa3dc5

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname
    Filesize

    32KB

    MD5

    1854505a3f6d683ed7eb81612934370c

    SHA1

    4f710add9a652d2fb92b7ce45589e27bf03f0b2a

    SHA256

    8100330a266f3027b929ea1bde99440ce4a544c9d9a0abb2ef0d1a73aa4cd9a4

    SHA512

    104a6e9c840b1fddd22ae579624a549c911abfbb48dc4454d3d231619c41a9abbf22f0dc5362a80c8c8245cc18566661f3645ac48c61259132886d4bf4678962

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    74434270a8c8c12969c9a806c7ee55b3

    SHA1

    5e0c114a86395114f920cac3be854e0599d10c1c

    SHA256

    daa589d1895dd81e00255f4f27f138b97bdc9c8a63c91f8c3235bbfd60993472

    SHA512

    407cb410fe35160e0ba580afa0b56e00d275b411008cf08f6278d434f3f89fc558f50d60b8a70c135ef6ea37f30bef1d6b2a8f9d1a2f24c93ba55624059d32e8

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    f3e847c1b4c810760f6f62cc2ea1dd93

    SHA1

    0f14ec8a636f6913d770371046f7338c90940eb5

    SHA256

    547b15a4d972c29531ff0efec0a864295ad7bf54d387644eb5009b36a606d0b8

    SHA512

    9e75397f042929e7f06a368186ed2db93638c570e65de9181c45368b3d81cb4e83bb3f2842ef49e67ac084a0d6c46e5d29d6f66819dd181c8865ccc520ac5faf

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    ef2d047affff5729b1fe40254a75b01c

    SHA1

    72a516f838b977b81aeabdb3555864ad7bddec93

    SHA256

    76bb295e4e0131a9f3b986103bd59df1f4dc0cf64eb26f11930215eead38ff9d

    SHA512

    a2609c32be1578253c0d5bd5ce8203c8f66f707ec709217f2fe1d2136a35380281f295a4111df69c784d1c719650b7cdcf6ebe398efbad3856524d092594d536

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    2086abaeeb36874c405514ce49802036

    SHA1

    f8b35440644fd082c35216a85235394bcf99e9c2

    SHA256

    d66d73be810c35ddf84d1c36002fb1e868d19a5d0cf6deaaa6ca7e7be3b34d74

    SHA512

    b77eb96188b4b90620a2fa2683d93c112bd09a42392408bd51f0d24e955fd65bb6cb0f72445b0370d6733964f3211e14d93313d581b243819fdc4f62e986dbf8

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    eb79bf726a5df9ff09f0ebce738c9b09

    SHA1

    9b5a25e839bc0b2d1efdb9024c6dfaa66c11aa53

    SHA256

    9790f509d3969f1ba74f5b2816d782379916c69e7f0548b32191de029b012945

    SHA512

    093e5c7cddbf4897776e44a74e8c8af57c602560b6f13b0677f84984ed09cf692cb4ba6e2997942181eb0b35e45d803f343a12eeeb41c33df26ae9fccabe94cd

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    e2b5abbea2de8e7e99217e58767c1285

    SHA1

    922ed0c9e77a2ba732ad5e78b84fe70ce979039b

    SHA256

    6875663798507377caa8272c54f234c73ab11b3c8e35013411c069667de54843

    SHA512

    21741988d34aeda996e2cfb97d25a37da8b1eb1d9d6051d7152d945283b554b0da6a1cb962dfcf3a292b0b939e7d5ee1d5286853d947d555ce1ff503f14fa96e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    2158a58002def76701d77580d395a665

    SHA1

    7f2264edd2bbf0dd048a05e43966850e85862c63

    SHA256

    b3fb8bedb656b733217784ed1c315a40480a962eebb77e1ac4b05a6d1cae8923

    SHA512

    d39abd5983b8fcb87185b20bbad16f4b54b4e00ce2448da94d39b1372a9a30451dd2958f6035364a61ce6dded6c6b768e0d780737ac5820ecd7262f7719360d4

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    407f4c4d824945e27c12834cb7ead5d4

    SHA1

    f5514301133bfd65dcfc877bf41d7775b181233c

    SHA256

    cb3db92582239ae8ce9e25a90e0afa0068aaeb16aea3a5096bce40919cdc30de

    SHA512

    62dccfd870132ecca00364fc93d035baf7b68de105a95b0d48c36fcc0dbd8409d0d8ae9efc60793ef6023a906e9952ac3c2ca08065e89a823bdeedcd343af2d4

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    c71cbeb64dd1270ad81a510090dbc7e3

    SHA1

    b132346d00aed41847181a54cb2d650c1a50bc84

    SHA256

    6bb14d2f950d53235799bb2ec357a781384e82d510ed3571141a39e3589c5370

    SHA512

    67e55c8b7b9a61055a8575510b9cc3af8e0bf82bfee221f1315d2524ef58b0e034f51dfaf5be8fbed165dfd757b01a6e054e322c148669ca2e0773e6ef7e7d5a

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    37dddeb2778a3565291ef2d6812e9bdf

    SHA1

    af7b72c06523866b97a04e4982f14cec0e1c2378

    SHA256

    ef4b9cec32713e410c2379467b2d1f8922c628bdf69224eee33e1752df1b1bb4

    SHA512

    2dc4582421e7d358ddd5bda2ea4f1bfccd25889505b2302f34379ef9cee3d27aacf52977f9a2940afdc20f1dba05f253b14478dd9a315f7cd61dabf3ab5baec3

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    5b92582f90b94cdb28df0f2d79d5634c

    SHA1

    e90bdfa99432ccaf3f5f60b081488b95b42488e8

    SHA256

    e1f22cf172cbe2d0871de8a35fd15025860433322a5b3911ff8fae34e8119f88

    SHA512

    e1af192c5a38ae9d147df0664488b406daf12019df5e0e117a5a6cbf6fe40b1cd021f9ff548bf0092f996ba503b29274060de02d70d82483eb108e9b0b828737

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    59785c5f36e70b49a8f3763cea9e6512

    SHA1

    03aa38600373e471a994f5d4244268fe6327d2c4

    SHA256

    d9ec635579906bbf14417ccdf2f380920b27b39d80eb692d562c5e5735d2231c

    SHA512

    d2b537942383835d8c81d3d7bdf71a13cec541a09abac7cc7e8cabb23769ae36e4da3826f94d000b0b870b0e413280dc9618f1901eda24888f22ca8fa3f33ce7

    Download Submit

  • /data/user/0/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    697674bcef39e0e3e7d4e1b4cae0558b

    SHA1

    4afc10292df3ede972c3488e0e7906cbb60a983d

    SHA256

    0328aa290438caf486aabfd2b98ef64bbe29e560fd410c62517c3d622ff19b36

    SHA512

    6ed58ed1b9509abd33e2879c1f9fd95bd04d74da79bbbf20892ac12ee67d0ddc4ed06a970faaf1868d09fdb63c1fea0e144f8ee5e497e4f9fb27c1a16a56e144

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    a477c14a7db2e6de36dce6ae25a66c7d

    SHA1

    5d12b4f36dcefb54c2f473b827cee7e5ca46a972

    SHA256

    bca7eaf5a3e9816b4885f56649119519a4a823b9f3bb59a570fa0b1371dcc6e2

    SHA512

    62067e822818499f5a8c9c754a2f263debfb54e56432affc10753e085784e2550edd242ed567840ef84722526b217780ac23413a019313a85cf3e12c42e2a79f

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    ff16d0f2d2b861be2aaa4a08fc429a90

    SHA1

    a97078d6ab23493666489060819662da93787522

    SHA256

    55a18547e8b99e178ed4d8eae2abfdbc6b5d95e4539e09eeed2fa480064c5e80

    SHA512

    c302483d12430d22b78c609284de1d9f001bbb39d2ba9dd81f7286bcbf896ea0531a6974ad7899a529e0620e07e755eb9820b7cd137ed21b5714ebc06fa65284

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    8eb0f0549cdc1169aa7c23b621e46ddd

    SHA1

    3891d3160b4a1db4c30bbd81d32709e0dd2eea61

    SHA256

    43012aa3bb9ae10217d9e7365c25597ad2e922dffc4a2bee750ec87ded58c935

    SHA512

    273656cb7c9ba86443da7745dd70b817a10b615401c956605fad3da0563ed9f15cc65481ea4a559fb77bb1dc097b4603f0a080b2ba87976eeb98de8a86498a57

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    2410d35502972b2417a76fa7f6d85673

    SHA1

    2d98fe14b48b72283237694474c3b344b1a5aea2

    SHA256

    98c37959de9d86c2fb73f30ec2820d450cb2f506dfe1abc6ad9c744c9e29c721

    SHA512

    6d9d524af6c637b5a4dd4ba6cbe7615a3134434683dd6aba829ea0d31e57a49419f6a170819dd8c49be50e4f6df981e445ac648860c2a50d3439b3357c3a13e0

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    93f20207e5743589ab461a3fde341e2f

    SHA1

    e740817d5cadbf80814adffb7c4af17f194074d5

    SHA256

    4fedc12ea473a730726aae795bd5a081e0f850e9a931ad666ad2e72cd5827de8

    SHA512

    768bda490c19848ba2a8c56ec73eb644fbcb0822349c4e5f0f5bbdb0a5dba5495bd85ef4afebbb676c0abb287a0d38ee0cd41b379f6d9b5e0b99af5f2cb9d975

    Download Submit

  • /data/user/0/com.tencent.mm/files/Tree.txt
    Filesize

    566B

    MD5

    72b8faca01120acf00010b75ce98c604

    SHA1

    0f3d33fd86dd3041a23bc6d33ce4548040915d82

    SHA256

    5da4a826d4310a805a2663467c663ad5cbedd15dd99570338b8b5355f048fae1

    SHA512

    6082c24459fede40ee3af3b8004ae9989fe50661d1b042d4788ea1bda4ea5a31e19f5933204fc9c518a2fbddc7746edf6608211ad045021c0af65c2ac0bb31c3

    Download Submit

  • /data/user/0/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    4cca0189c9c3a5134080ba6ff3f8e731

    SHA1

    f401dba4aa94af2835017a4e6b4dcffd2dad32a7

    SHA256

    dc0b8af0bf75888ab6fdc9ee8c29010895e84e6aedf245bdab4c755c01fe5b65

    SHA512

    cd4a2c56b017d094b067f4c72ddf9b79f5c23bf5294523208b4f05110ba15d2d47035a641df2089b51ca39915521947a6abde97933e3b63bd56aa3c08ae921f7

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    d62740f029761bff46421ecdd942cc8b

    SHA1

    afd20c5328b64f5ae3af89936be5211fd43b7a1a

    SHA256

    fd76b3cdcb63d1c0e2b9ba5bd321d2773be5d97886d2db11cbf5de6b8f7ae7a2

    SHA512

    801530612afb928afe1beb48e29b5979c17c8cbda099bbc2c7ba6cfeae5b57e6f34b818953ddc635599429a34e395e7de21f80cad7d4447a4a48d50f34e6aca4

    Download Submit

  • /data/user/0/com.tencent.mm/files/pkinfo.txt
    Filesize

    10KB

    MD5

    df036b93426f886d1696210079b94938

    SHA1

    b593b3806d3d85257511959992013f6a4f543011

    SHA256

    6d9bb455edd9154e310a777aad0dde552ff995134e2321933a0365f9112c3912

    SHA512

    0d7eb6c0e5378a362a4bbebbc09f291080975c8ece8473d28c9cc9ec5b4a138f2fe19b09bc5d44cf17ec66a4f59dadb1de59ac8286cdc10a461e46491da01e29

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-20.txt
    Filesize

    12B

    MD5

    e48057c3603c907cacbe1568a7dbfc41

    SHA1

    6e100086b53e20e499a9be069aa1b452faf82ba3

    SHA256

    4b36685dbf772b2de007f4c98f824966f4f3a132075692d3d3d8f11e84e5468e

    SHA512

    787e1140832e8c308039f0287ee801c00040544d5241425b0c0c8e8dc19ecf3feefa50706723f7a21be209c13b24ab3dbe0691ec42118fdfe18611b13155fb9a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-20.txt
    Filesize

    56B

    MD5

    5875f4fe2a4b68e19f5f6e071fd6fc6b

    SHA1

    fe1a887f8ef6066bc30970ee9c48e0846865b9b1

    SHA256

    4d36c3e00ee88cecd60d502af8fe1caf72cd0ca0cac7b4c61e88c78439c66377

    SHA512

    eaec72ffcfe83f33b0522bcba628c25495711812c940c8dc97b8a1b2f406478acfd1d0dd67ec6ad46511350a48816e1a7362e535e75d946c836c0e97f87bc19f

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-20.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit