Overview

overview

10

Static

static

6

0e79e23927...55.apk

android-9-x86

10

0e79e23927...55.apk

android-10-x64

1

0e79e23927...55.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    159s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    02-09-2024 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0e79e23927bd675d2e878237f2d82032fe15e0e53418239d207aaef489819455.apk

  • Size

    4.3MB

  • MD5

    3c9fd2fe7cfacfb798faeeb28a504657

  • SHA1

    3a270ec00a4cf1492cbb5ccc7b4e5d51c0d6b327

  • SHA256

    0e79e23927bd675d2e878237f2d82032fe15e0e53418239d207aaef489819455

  • SHA512

    8c956afb08e397a010a6626882f252ed451b8fc587b2d59525899677f30c646edabc34f2785763d9f3061be07953a4129c0bad6972c8fd20891bf4ee25e4af44

  • SSDEEP

    98304:KDbUwE0hl6O9UShq4P4PA/FOTBPG8578ndkG:sUkl9USpPdFOTBPMH

Score
10/10
anubisbankercollectioncredential_accessdiscoveryevasionexecutioninfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

anubis

C2

https://google.com

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Schedules tasks to execute at a specified time
    PID:4487

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

1
T1407

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Network Configuration Discovery

3
T1422

System Network Connections Discovery

2
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tencent.mm/app_mph_dex/classes.dex
    Filesize

    7.8MB

    MD5

    5bf990ee9c464573e2a580a10caf5a0f

    SHA1

    3e9800e1144c1462381bde44d3b74199ff3c66c8

    SHA256

    641e5c047fed322071577bddb70784103f11b89914a1e9d1af2a7a4575aa29f7

    SHA512

    0dcbdee94fee733a874fca7443b3eba648a33b1643879679a6247880f3ddc9b07649566e32084c39123e575d77aefcf9e59ecc55810be319f8e151719e23400d

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname
    Filesize

    32KB

    MD5

    1854505a3f6d683ed7eb81612934370c

    SHA1

    4f710add9a652d2fb92b7ce45589e27bf03f0b2a

    SHA256

    8100330a266f3027b929ea1bde99440ce4a544c9d9a0abb2ef0d1a73aa4cd9a4

    SHA512

    104a6e9c840b1fddd22ae579624a549c911abfbb48dc4454d3d231619c41a9abbf22f0dc5362a80c8c8245cc18566661f3645ac48c61259132886d4bf4678962

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    b00f12857c7b45bda67b13424369b603

    SHA1

    c063a7f2df842b09161cc8b77cd80b9f95d5fceb

    SHA256

    8a87c028f6c01c8e53c0c743147837b00e116202b7c6d578117b3d3eca1ffdc1

    SHA512

    177480988c6777eecc12f0d37a3944c5349aa1feb121d610f29ee84a8941b587832c0baa9d6b93411136f4d8a829e7687cb26b8d5c487c1ff50b616fc80e8e2d

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    138bbb81ac0311f73889e27746451b93

    SHA1

    74a1e4a217d4efb7f66584f0dbc5f6327cbcbe45

    SHA256

    a191d6e3247f4a511d81d2bfa270cd4c153d4821acf2c41651fc464a5e2cb6b8

    SHA512

    fc33c22b1541bc6f0dee70bc730b16b2e2394e076aa1f5b8b396b9889d6b67ccf8a17211cbb65304e63a32ae5f9a0e8759c6c2216e6bd6ccc21d3d74d51c8ec3

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    0a60e40720e4a4f84f6eeb83ab6bf4c4

    SHA1

    61c1bffa9cb61cdf0780f3b9db74a23abbe88712

    SHA256

    c6f3b5cd0b15dbcf9a221f79e87e9e5c3f8739698a9de368a177b7cb2172a4cd

    SHA512

    1a0ab3b539c7a75ffeef2e8b49dc7e472e2e7adf4ea4c728724a11fa559af849960aae4d3a12063718c171fb1eb415cde6a1e48d10c2246532ec56d82f57a23e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    51cfc8c9cbe6c6a438a85da2141361ef

    SHA1

    b18cea452cf0be76ab078c4ee68fbdd4ba6da2f9

    SHA256

    b89f2481e7ba63bac0c5b636f335b6eeaab70b641ed2237b54fee8e2a8110bbc

    SHA512

    4e8fc1ede90664863d52d3f9b80e988d4cc3ad05ca30031575484b97b286a5e29db2e72dd3a628419784a21e342eaebd60ca6da26cfe57324ce662534a55b62e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    c83fdceb404445aca4863cf20c2ec6b3

    SHA1

    821077ea594aa4ce1eeab191100af87f1cc70763

    SHA256

    b108e1621d4f5f76f17be47266772464a94bbf8f0bc751524d0d88b94998cace

    SHA512

    a4ca20dc6d9a3faf51bacbdd00b6654937726f9248bc59d166639f96f62c8c5032dc38a8d36b0bbb57d6417dbf79e3e7d8a6404a46b9d898546431bc2af51a39

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    9a8884bf0a641bb5e4324bda8a66d251

    SHA1

    b933dabeeeff52972a202dc7ae4bf8ee3187aadb

    SHA256

    a4deeb15df50cfee617d88973e293367429ec3e3d59975a604b0e899d09a8df2

    SHA512

    8328eb77b0229c56d698ee21763312fb25cf70d0bc094943bd9eed14d9683a7f194fa55789595d89efd141461d6a635a12c68981f3622e4dd351bae05a714708

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    eb67d7fcf40fe152454a660caa2d8f34

    SHA1

    8d64042cdbd9ee75b71fee9b4217e10edc9b5263

    SHA256

    4831d097d06f36af1c232b6a7ad4a4fdffadb2260c4d08328fc4f5feeab81207

    SHA512

    a891112748fa313e77ccc08a9a41852ad8dfca50afa658f58f4b75cabe06ff374a0bf1e11d26d9aa26dfb2fdd99f1d45c765741fa3b37debf7d6ef2904c73c72

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    07b12d0e8af38540e2d9bc3b2786c44d

    SHA1

    18a5adebf2e065e415b5188be24e35e3bdf4bf5c

    SHA256

    b67b252daa52e625b873c35a68e610b089e636eb483d99f1f77f81a19ae260ca

    SHA512

    1ed3a504d797bf8b02c97ca9ea5cd857afbbe5eddd4452f8eedc0c3febb72dabf8290670cef2b9b81989f85a653ea5c06f3aeab4f3fe5c96c36e19b71132cb7e

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    277ab0ad9c7603f834c68024113f3efe

    SHA1

    439c29948773b4835df478447003c5268bc2a391

    SHA256

    aedcd30cc68dc3db0a4232402ed6fcd937e25ac60cd181681ce581e08c3e4fe3

    SHA512

    4d8c288ce085b9c30f20c6e89264e4d271499b42d1f148d374b7a26e2634970279e1dab6eca5bc37c6e3abc095a8be75d1cc9f576211b36e1cf98d3023c9572d

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    cfa2d874344b7fd976709172e4c55b6a

    SHA1

    e8a848dc24e506a875aa8a9416888333fa474b58

    SHA256

    32f2a24e125eda51e56f0f2b60f89ccca90ba217b189936ed4189397d04b05e8

    SHA512

    01a8292b61155eeb48ae149c2843881292158c0fb784577fa315d1c685c726e8d0c0a9ae382ecf04bb0ccd65393d106fa57c0bd078cbd28c771316b42e238631

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    8ac99ab02a74acc241b88d22156e5490

    SHA1

    a3d3888d0f877c142b4e1c431ae0248b263d3939

    SHA256

    637ec222214a4fcad8af3906d500d8723b149fa2883c97a1c3fab2ad80dcd9f5

    SHA512

    58f817d28842155f86c7d9998f87af7ee22dfbbfc946f5d896013d33c1f4106b376306b94d95bcff8c66376bf68843af5b87172761f3434fcee61c1a1b1cd32c

    Download Submit

  • /data/user/0/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    bea6957a5a5f293a912f87f2dea3d346

    SHA1

    9051f50cea6501bf339fd5bf9203be0f8394f717

    SHA256

    b1a43ec513c709faf347a8c7f143cd23d21415bde79cd700b3dd17752dc319ea

    SHA512

    8888188f9ed2a97160dd01530cc0db119f52c41f37298a774e7b9d4ce8dfa996fc5b4f0cf79d78da4a90eb2eff8512e4d02610205f43f9f1f5dcab935b805df7

    Download Submit

  • /data/user/0/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    8153530073803240a33de51af39ea216

    SHA1

    66321bd85fd4cb98787a1af4eb9ca12524388e7d

    SHA256

    c4a41e40dbe794e6b377fb3dbe5ea37a2cf54bd04d263df15a8f607fdc21f156

    SHA512

    fb28f05316cfefccf746ddab798c003d96115b186b56e59a33eef0f3e6dfb087a3bc1160648c854c83ca7829fb68912205d28b8ce44a8017022b91b7ea9dbcb2

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    e96465190935dddcb0a0eb7f2692724a

    SHA1

    017ef7c3ed878e5040b933a2061616234ac4d605

    SHA256

    c72c53efe03c75d489ccf409a3b2a528e5f2251b5f7b42d0dbcc9d29f467901b

    SHA512

    5c8fe78b9cf7ad291837124398ce006bf5a282b7895b4b3df60e470daac9f33847fad6f060d1782b83dbfc323fa4ae73680212845cc6771e46c4e78c115429d8

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    99fdef9aed4b56923af50d9dc37229f3

    SHA1

    cba1655b2663ccc2c9bd950085c768355ce5ed90

    SHA256

    591527d74ff3cc8a61d124eb30fc4fe27d2706ed717f0b07263f377555b162b3

    SHA512

    ff8f7fa45e0e8e2d1b30675176d60d659741c9b8b132605d3117cd37f8c41778c11efba60496097940ffbd080d82d9f86569f0f7ab7f2342b2d8d24770e3c416

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    9279bd2745efba90cf0becb11fa67a0e

    SHA1

    bc8dfdf2713049c98c2d9b490a11129bdb320299

    SHA256

    9e12bedfcf4a14b37f908570f7afd34667952a915d4937cb6ce540507e3bfb2a

    SHA512

    0e0ecf9aa5d8436bca41421fb0fd74e601187c05514aa1fd203beea1dc23ef4ea85b95e2cd1b250fb858cd4f92fa3473b718fbe545106dd8064eb17bda01546b

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    8408adc6143b4c7f29d1d68c09abcd57

    SHA1

    ce6cf006fe74d6bc7e71d21003010bbc27457ff2

    SHA256

    452ed5c19138869dcee933d13a516233fdd363b467215589fddb643bae1d8ed7

    SHA512

    b15f38983f5a915eccff961f52c58a3efcc5249d7b3fb9bc6d14c24cec1fb25ef7326d3d9b7204af334aeee8187b3c266383fbb15c23caed4cd85d641b0774eb

    Download Submit

  • /data/user/0/com.tencent.mm/files/GP.txt
    Filesize

    114B

    MD5

    579e6d831b10c3bbfcc2d5ce3d1b613a

    SHA1

    a329f86a4eaa2fab978b33ddae729a424b7cf8d6

    SHA256

    c848e2d9b741fd9196ec188b48fd7abdc9fda793c09eb20f5c88baa231de472e

    SHA512

    48ac90e003d5e20c39d7786344489c8e2ce79a0fb95a2c88790b98985360eb398b0758eb3aef664cb2c5734391a959737d729d68c7431593191d848cf6341df4

    Download Submit

  • /data/user/0/com.tencent.mm/files/Tree.txt
    Filesize

    566B

    MD5

    bf180b55a5363bf426a61de01054b8b0

    SHA1

    a7c3790850082f04bb190257d67cf7a2692528dc

    SHA256

    67b58658c3c774190339ce1134fd5345f6953c9eb890b0de53b112637687677d

    SHA512

    5846325c74cbc644d05d88e7337a354fce41ff7a9d5a731afbb72a7ba9cf93f1f26e6a2ef50c4f0e6fd90988c79c9033514311486880892ad1642446e2ed6cd5

    Download Submit

  • /data/user/0/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    797794510274c3e9c5655d5ab2fecb46

    SHA1

    f693057be8e9da1a299f558de4919afeeb8ee430

    SHA256

    6de08d4966245bd23ba2f36b83ee28d630898652fa077e73bc5c1160e3f21c7e

    SHA512

    c2c35a8cccecc7f2fafb0ec646b4392ce7cd7c6231055547d9a9644cf76a7959842182ec1bf531d71eb8f92861eba327cf28a669c0ae19dea9617e913d7ab89b

    Download Submit

  • /data/user/0/com.tencent.mm/files/netinfo.txt
    Filesize

    854B

    MD5

    da307a6f0b588be7121165102700fff4

    SHA1

    fb5d034dc97e7577fbe6283669b7c980a011931b

    SHA256

    075f2f60505a9c615e21bb141f0d6ed641969826f42dfda051c73a5ed9fed59a

    SHA512

    4c14e4031f2949f1b47be9195547c1b9ffcb982bbb32e374d667e65ca4dc51c049548a819ff3e65d59c06332168ae0bd7f41696e143dfa3e83e1021663da07fd

    Download Submit

  • /data/user/0/com.tencent.mm/files/pkinfo.txt
    Filesize

    10KB

    MD5

    df036b93426f886d1696210079b94938

    SHA1

    b593b3806d3d85257511959992013f6a4f543011

    SHA256

    6d9bb455edd9154e310a777aad0dde552ff995134e2321933a0365f9112c3912

    SHA512

    0d7eb6c0e5378a362a4bbebbc09f291080975c8ece8473d28c9cc9ec5b4a138f2fe19b09bc5d44cf17ec66a4f59dadb1de59ac8286cdc10a461e46491da01e29

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-09-02.txt
    Filesize

    12B

    MD5

    e48057c3603c907cacbe1568a7dbfc41

    SHA1

    6e100086b53e20e499a9be069aa1b452faf82ba3

    SHA256

    4b36685dbf772b2de007f4c98f824966f4f3a132075692d3d3d8f11e84e5468e

    SHA512

    787e1140832e8c308039f0287ee801c00040544d5241425b0c0c8e8dc19ecf3feefa50706723f7a21be209c13b24ab3dbe0691ec42118fdfe18611b13155fb9a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-09-02.txt
    Filesize

    56B

    MD5

    5875f4fe2a4b68e19f5f6e071fd6fc6b

    SHA1

    fe1a887f8ef6066bc30970ee9c48e0846865b9b1

    SHA256

    4d36c3e00ee88cecd60d502af8fe1caf72cd0ca0cac7b4c61e88c78439c66377

    SHA512

    eaec72ffcfe83f33b0522bcba628c25495711812c940c8dc97b8a1b2f406478acfd1d0dd67ec6ad46511350a48816e1a7362e535e75d946c836c0e97f87bc19f

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-09-02.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit