Skip to content
/ Anubis-pandemidestek Public

Anubis malware variant for turkish market - full analysis - SHA256: 231d970ea3195b3ba3e11e390b6def78a1c8eb5f0a8b7dccc0b4ec4aee9292ec

7 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ChickenHook/Anubis-pandemidestek

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
apk
apk
 
 
reverse-enginnering
reverse-enginnering
 
 
README.md
README.md
 
 
accessibility_event_bp.png
accessibility_event_bp.png
 
 
anubis_23_06_2020.aux
anubis_23_06_2020.aux
 
 
anubis_23_06_2020.dvi
anubis_23_06_2020.dvi
 
 
anubis_23_06_2020.log
anubis_23_06_2020.log
 
 
anubis_23_06_2020.lol
anubis_23_06_2020.lol
 
 
anubis_23_06_2020.pdf
anubis_23_06_2020.pdf
 
 
anubis_23_06_2020.synctex.gz
anubis_23_06_2020.synctex.gz
 
 
anubis_23_06_2020.tex
anubis_23_06_2020.tex
 
 
anubis_accessibility.png
anubis_accessibility.png
 
 
anubis_enable_accessibility.mp4
anubis_enable_accessibility.mp4
 
 
anubis_startup.webm
anubis_startup.webm
 
 
anubis_v3.zip
anubis_v3.zip
 
 
full_attack.webm
full_attack.webm
 
 
hangikapicom.png
hangikapicom.png
 
 
set.xml
set.xml
 
 
settings_closed_when_accessibility_service_info_is_entered.webm
settings_closed_when_accessibility_service_info_is_entered.webm
 
 
settings_closed_when_appinfo_screen_is_entered.webm
settings_closed_when_appinfo_screen_is_entered.webm
 
 
tcp.pcapng
tcp.pcapng
 
 
used_classes.txt
used_classes.txt
 
 

Repository files navigation

Anubis-pandemidestek

This work includes an analyzis of the Anubis malware variant pandemidestek discovered on 12.06.2020.

About Anubis

In December 2016 the the article "Android BOT from scratch" was published in which source code of a new Android banking trojan was shared. The first malware based on this code was spotted in January 2017 and from then on all derived Malware was called BANKBOT. Over time the malware was improved heavily and a second version of the malware was crafted named ANUBIS.

In March 2020 an article was published telling about banking Tojan campaigns against Turkish banks meme to be a "gift" from thei'r mobile carrier due to COVID-19 Virus.

Paper

Paper >> DOWNLOAD HERE << Blog >> Read Blog Post <<

META INFO

SHA256 231d970ea3195b3ba3e11e390b6def78a1c8eb5f0a8b7dccc0b4ec4aee9292ec

name pandemidestek.apk

Source (OFFLINE) https://dosya.org/f.php?h=0G8rhXAJ\&d=1

Virustotal KLICK HERE

DOWNLOAD MALWARE

APK DOWNLOAD HERE

Related work of an older version of the malware can be found here: https://medium.com/@fs0c131y/reverse-engineering-of-the-anubis-malware-part-1-741e12f5a6bd

About

Anubis malware variant for turkish market - full analysis - SHA256: 231d970ea3195b3ba3e11e390b6def78a1c8eb5f0a8b7dccc0b4ec4aee9292ec

Resources

Readme
Activity
Custom properties

Stars

7 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages