Hide Navigation Hide TOC

Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)

Anubis is Android malware that was originally used for cyber espionage, and has been retooled as a banking trojan.(Citation: Cofense Anubis)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Archive Collected Data - T1532 (e3b936a4-6321-4172-9114-038a866362ec)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	System Checks - T1633.001 (6ffad4be-bfe0-424f-abde-4d9a84a800ad)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Data Encrypted for Impact - T1471 (d9e88203-2b5d-405f-a406-2933b1e3d7e4)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47)	Attack Pattern	1
Call Control - T1616 (351ddf79-2d3a-41b4-9bef-82ea5d3ccd69)	Attack Pattern	Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Dead Drop Resolver - T1481.001 (986f80f7-ff0e-4f48-87bd-0394814bbce5)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Disable or Modify Tools - T1629.003 (2aa78dfd-cb6f-4c70-9408-137cfd96be49)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Process Discovery - T1424 (1b51f5bc-b97a-498a-8dbd-bc6b1901bf19)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4)	Attack Pattern	1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760)	Attack Pattern	Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	1
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9)	Attack Pattern	Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Screen Capture - T1513 (73c26732-6422-4081-8b63-6d0ae93d449e)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a)	Attack Pattern	1
Anubis - S0422 (a3c59d82-2c7c-44e5-a869-68e0a3e5935e)	Malware	SMS Control - T1582 (b327a9c0-e709-495c-aa6e-00b042136e2b)	Attack Pattern	1
Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc)	Attack Pattern	Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b)	Attack Pattern	2
System Checks - T1633.001 (6ffad4be-bfe0-424f-abde-4d9a84a800ad)	Attack Pattern	Virtualization/Sandbox Evasion - T1633 (27d18e87-8f32-4be1-b456-39b90454360f)	Attack Pattern	2
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad)	Attack Pattern	Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47)	Attack Pattern	2
Web Service - T1481 (c6a146ae-9c63-4606-97ff-e261e76e8380)	Attack Pattern	Dead Drop Resolver - T1481.001 (986f80f7-ff0e-4f48-87bd-0394814bbce5)	Attack Pattern	2
Disable or Modify Tools - T1629.003 (2aa78dfd-cb6f-4c70-9408-137cfd96be49)	Attack Pattern	Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	2
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512)	Attack Pattern	Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad)	Attack Pattern	2
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9)	Attack Pattern	Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a)	Attack Pattern	2