Play interactive tour

Edit tour

Analysis Report CoronaWarnApp.apk

Overview

General Information

Sample Name:	CoronaWarnApp.apk
Analysis ID:	336565
MD5:	de2060e42c95d4dddbf19d85d6da1cd7
SHA1:	8ebf29e56545925e5d2aa8af413de35cd973eb26
SHA256:	0d5ec7d8ea87fc80887fa6238dd49572182be98c8b02d9c5dda350a026f16eb7
Most interesting Screenshot:

Detection

Anubis

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Detected Anubis BankBot ransomware / banking trojan

Multi AV Scanner detection for submitted file

Deletes other packages

Found large list of e-Banking application (likely related to e-Banking fraud)

Found potential keylogger

Protects itself from removal

Removes its application launcher (likely to stay hidden)

Requests to ignore battery optimizations

Tries to detect Android x86

Tries to detect the analysis device (e.g. the Android emulator)

Tries to disable the administrator user

Uses accessibility services (likely to control other applications)

Accesses android OS build fields

Checks an internet connection is available

Checks if the device administrator is active

Contains package name strings related to banking (usually for identifying banking APKs)

Creates SMS data (e.g. PDU)

Detected TCP or UDP traffic on non-standard ports

Dials phone numbers

Executes logcat command

Executes native commands

Found parser code for incoming SMS (may be used to act on incoming SMS, BOT)

Found suspicious command strings (may be related to BOT commands)

Found very long method strings

Has permission to draw over other applications or user interfaces

Has permission to execute code after phone reboot

Has permission to perform phone calls in the background

Has permission to query the list of currently running applications

Has permission to read contacts

Has permission to read the SMS storage

Has permission to read the phones state (phone number, device IDs, active call ect.)

Has permission to receive SMS in the background

Has permission to record audio in the background

Has permission to send SMS in the background

Has permission to write to the SMS storage

Installs a new wake lock (to get activate on phone screen on)

Lists and deletes files in the same context

May access the Android keyguard (lock screen)

May check for popular installed apps

May query for the most recent running application (usually for UI overlaying)

Monitors incoming SMS

Opens an internet connection

Queries SMS data

Queries a list of installed applications

Queries list of running processes/tasks

Queries phone contact information

Queries the network operator ISO country code

Queries the network operator name

Queries the phones location (GPS)

Queries the unique operating system id (ANDROID_ID)

Queries the unqiue device ID (IMEI, MEID or ESN)

Reads logcat

Records audio/media

Redirects camera/video feed

Requests permissions only permitted to signed APKs

Requests potentially dangerous permissions

Sends SMS using SmsManager

Starts/registers a service/receiver on phone boot (autostart)

Tries to add a new device administrator

Uses reflection

Uses the DexClassLoader (often used for code injection)

Classification

Yara Overview

No yara matches

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: CoronaWarnApp.apk

Avira: detected

Multi AV Scanner detection for submitted file

Show sources

Source: CoronaWarnApp.apk

Virustotal: Detection: 35%

Perma Link

Source: anubis.bot.myapplication.ServiceGeolocationGPS;->formatLocation:6	API Call: android.location.Location.getLatitude
Source: anubis.bot.myapplication.ServiceGeolocationGPS;->formatLocation:8	API Call: android.location.Location.getLongitude
Source: anubis.bot.myapplication.ServiceGeolocationNetwork;->formatLocation:7	API Call: android.location.Location.getLatitude
Source: anubis.bot.myapplication.ServiceGeolocationNetwork;->formatLocation:9	API Call: android.location.Location.getLongitude

Source: anubis.bot.myapplication.API.Admin.ClassAdmin;->ISS:12	API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:64	API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:163	API Call: android.app.admin.DevicePolicyManager.isAdminActive
Source: anubis.bot.myapplication.StartWhileRequest;->onHandleIntent:59	API Call: android.app.admin.DevicePolicyManager.isAdminActive

Source: anubis.bot.myapplication.API.Admin.ActivityAdmin;->onCreate:11	API Call: android.content.Intent.<init> android.app.action.ADD_DEVICE_ADMIN
Source: Lanubis/bot/myapplication/API/Admin/ActivityAdmin;->onCreate(Landroid/os/Bundle;)V	Method string: "android.app.action.ADD_DEVICE_ADMIN"

Source: anubis.bot.myapplication.ServiceCryptFiles;->onHandleIntent:63	API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.ServiceFindFiles;->onHandleIntent:44	API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.ServiceRAT;->onHandleIntent:69	API Call: android.os.Environment.getExternalStorageDirectory
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:931	API Call: android.os.Environment.getExternalStorageState
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:937	API Call: android.os.Environment.getExternalStorageState
Source: anubis.bot.myapplication.UtilsClass;->getIDwindowsBot:941	API Call: android.os.Environment.getExternalStorageDirectory

Source: anubis.bot.myapplication.UtilsClass;->getNetworkInfo:52	API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: anubis.bot.myapplication.UtilsClass;->isConnectedMobile:1250	API Call: android.net.NetworkInfo.isConnected
Source: anubis.bot.myapplication.UtilsClass;->isConnectedWifi:1253	API Call: android.net.NetworkInfo.isConnected

Source: global traffic	TCP traffic: 192.168.2.30:55938 -> 8.8.4.4:853
Source: global traffic	TCP traffic: 192.168.2.30:44518 -> 8.8.8.8:853

Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:29	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:67	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.ServiceModuleNotification$generatePictureStyle;->doInBackground:13	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass$ParseURL;->doInBackground:6	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass$TwitterParseTask;->doInBackground:10	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass;->inputFile:1112	API Call: java.net.URL.openConnection (not executed)
Source: anubis.bot.myapplication.UtilsClass;->inputFile2:1144	API Call: java.net.URL.openConnection (not executed)

Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.67
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.67
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.168.14

Source: unknown

DNS traffic detected: queries for: time.android.com

Source: classes.dex	String found in binary or memory: http://10.0.3.2/injclientup
Source: classes.dex	String found in binary or memory: http://101.99.95.109/inj
Source: classes.dex	String found in binary or memory: http://en.utrace.de
Source: classes.dex, android	String found in binary or memory: http://ktosdelaetskrintotpidor.com
Source: activity_inj.xml	String found in binary or memory: http://schemas.android.com/apk/res-auto
Source: classes.dex	String found in binary or memory: http://schemas.android.com/apk/res/android
Source: classes.dex	String found in binary or memory: http://sositehuypidarasi.com
Source: classes.dex	String found in binary or memory: https://app-de-rki.xyz
Source: classes.dex, android	String found in binary or memory: https://jsonplaceholder.typicode.com/posts
Source: classes.dex	String found in binary or memory: https://jsonplaceholder.typicode.com/postsRhttps://support.google.com/calendar/answer/6261951?hl=en&
Source: classes.dex, android	String found in binary or memory: https://support.google.com/calendar/answer/6261951?hl=en&co=GENIE.Platform=Android

Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:45	API Call: javax.net.ssl.HttpsURLConnection.connect
Source: anubis.bot.myapplication.API.RequestHttp$SendLoginData;->doInBackground:83	API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.ServiceModuleNotification$generatePictureStyle;->doInBackground:15	API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.UtilsClass$ParseURL;->doInBackground:11	API Call: java.net.HttpURLConnection.connect
Source: anubis.bot.myapplication.UtilsClass$TwitterParseTask;->doInBackground:15	API Call: java.net.HttpURLConnection.connect

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 48754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 44164
Source: unknown	Network traffic detected: HTTP traffic on port 44164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 48754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 41662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 41662

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Found potential keylogger

Show sources

Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iget-boolean v11, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iput-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iget-boolean v0, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iget-object v0, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iget-object v4, v1, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iput-boolean v4, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->onAccessibilityEvent(Landroid/view/accessibility/AccessibilityEvent;)V	Instruction: "iput-boolean v12, v1, lanubis/bot/myapplication/serviceaccessibility;->onkeylogger:z"
Source: Lanubis/bot/myapplication/ServiceAccessibility;->writeFile(Ljava/lang/String;Ljava/lang/String;)V	Instruction: "iput-object v0, p0, lanubis/bot/myapplication/serviceaccessibility;->textkeylogger:ljava/lang/string;"

Source: submitted apk

Request permission: android.permission.RECORD_AUDIO

Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:69	API Call: android.media.MediaRecorder.start
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:76	API Call: android.media.MediaRecorder.start

Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:58	API Call: android.media.MediaRecorder.<init>
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:64	API Call: android.media.MediaRecorder.<init>

E-Banking Fraud:

Detected Anubis BankBot ransomware / banking trojan

Show sources

Source: Lanubis/bot/myapplication/UtilsClass;->InitializationData(Landroid/content/Context;)V	Method string: htmllocker
Source: Lanubis/bot/myapplication/ServiceCommands;->readCommand()V	Method string: htmllocker
Source: Lanubis/bot/myapplication/ServiceCommands;->readCommand()V	Method string: ERROR -> htmllocker
Source: Lanubis/bot/myapplication/API/Spam/ServiceSpamSMS;->onHandleIntent(Landroid/content/Intent;)V	Method string: \|Ended balance, SMS spam stopped!\|
Source: Lanubis/bot/myapplication/ServiceCryptFiles;->getDir(Ljava/io/File;)V	Method string: .AnubisCrypt
Source: Lanubis/bot/myapplication/ServiceCryptFiles;->openDir(Ljava/io/File;)V	Method string: .AnubisCrypt
Source: Lanubis/bot/myapplication/Activity/ActivityScreenLocker;->onCreate(Landroid/os/Bundle;)V	Method string: htmllocker

Found large list of e-Banking application (likely related to e-Banking fraud)

Show sources

Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.spardat.bcrmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.spardat.netbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bankaustria.android.olb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bmo.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cibc.android.mobi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbc.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.scotiabank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.td
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: cz.airbank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.inmite.prj.kb.mobilbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bankinter.launcher
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.kutxabank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rsi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.tecnocom.cajalaboral
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.bancopopular.nbmpopular
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.evobanco.bancamovil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.lacaixa.mobile.android.newwapicon
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.dbs.hk.dbsmbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.FubonMobileClient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.hangseng.rbmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.MobileTreeApp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.mtel.androidbea
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.scb.breezebanking.hk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: hk.com.hsbc.hsbchkmobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.aff.otpdirekt
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ideomobile.hapoalim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.infrasofttech.indianBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.mobikwik_new
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.oxigen.oxigenwallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.co.aeonbank.android.passbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.co.netbk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.co.rakuten_bank.rakutenbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.co.sevenbank.AppPassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.co.smbc.direct
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: jp.mufg.bk.applisp.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.barclays.ke.mobile.android.ui
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: nz.co.anz.android.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: nz.co.asb.asbmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: nz.co.bnz.droidbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: nz.co.kiwibank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.getingroup.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.eleader.mobilebanking.pekao.firm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.eleader.mobilebanking.pekao
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.eleader.mobilebanking.raiffeisen
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bzwbk.bzwbk24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.ipko.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.mbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: alior.bankingapp.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.comarch.mobile.banking.bgzbnpparibas.biznes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.comarch.security.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.empik.empikapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.empik.empikfoto
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.finanteq.finance.ca
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.orangefinansek
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.eleader.mobilebanking.invest
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.aliorbank.aib
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.allegro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bosbank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bph
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bps.bankowoscmobilna
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bzwbk.ibiznes24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.bzwbk.mobile.tab.bzwbk24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.ceneo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.com.rossmann.centauros
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.fmbank.smart
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.ideabank.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.ing.mojeing
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.millennium.corpApp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.orange.mojeorange
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.pkobp.iko
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: pl.pkobp.ipkobiznes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.kuveytturk.mobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.magiclick.odeabank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.mobillium.papara
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.pozitron.albarakaturk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.teb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ccom.tmob.denizbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.tmob.tabletdeniz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.vakifbank.mobilel
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: tr.com.sekerbilisim.mbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: wit.android.bcpBankingApp.millenniumPL
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.idamobile.android.hcb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.openbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.sberbank_sbbol
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.simpls.brs2.mobbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.tinkoff.sme
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.alfabank.oavdo.amc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.advantage.RaiffeisenBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: hr.asseco.android.jimba.mUCI.ro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: may.maybank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ro.btrl.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.amazon.mShop.android.shopping
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.amazon.windowshop
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ebay.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.sberbankmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.sberbank.spasibo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.sberbank.mobileoffice
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.sberbank.sberbankir
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.alfabank.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: by.st.alfa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.alfabank.sense
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.alfadirect.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.mw
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.idamob.tinkoff.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.tcsbank.c2c
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.tinkoff.mgp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.tinkoff.goabroad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.vtb24.mobilebanking.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: ru.bm.mbm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.vtb.mobilebank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bssys.VTBClient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bssys.vtb.mobileclient
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.akbank.android.apps.akbank_direkt
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.akbank.android.apps.akbank_direkt_tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.akbank.softotp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.akbank.android.apps.akbank_direkt_tablet_20
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.fragment.akbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ykb.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ykb.android.mobilonay
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ykb.avm
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ykb.androidtablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.veripark.ykbaz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.softtech.iscek
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.yurtdisi.iscep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.softtech.isbankasi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.monitise.isbankmoscow
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.finansbank.mobile.cepsube
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: finansbank.enpara
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.magiclick.FinansPOS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.matriksdata.finansyatirim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: finansbank.enpara.sirketim
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.vipera.ts.starter.QNB
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.redrockdigimark
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.garanti.cepsubesi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.garanti.cepbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.garantibank.cepsubesiro
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: biz.mobinex.android.apps.cep_sifrematik
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.garantiyatirim.fx
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.tmobtech.halkbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.SifrebazCep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: eu.newfrontier.iBanking.mobile.Halk.Retail
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: tr.com.tradesoft.tradingsystem.gtpmobile.halk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.DijitalSahne.EnYakinHalkbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ziraat.ziraatmobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ziraat.ziraattablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.matriksmobile.android.ziraatTrader
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.matriksdata.ziraatyatirim.pad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.comdirect.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.commerzbanking.mobil
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.consorsbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.db.mm.deutschebank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.dkb.portalapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.de.dkb.portalapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ing.diba.mbbr2
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.postbank.finanzassistent
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: mobile.santander.de
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.fiducia.smartphone.android.banking.vr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.creditagricole.androidapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.axa.monaxa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.banquepopulaire.cyberplus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: net.bnpparibas.mescomptes
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.boursorama.android.clients
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.caisseepargne.android.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.lcl.android.customerarea
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.paypal.android.p2pmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.wf.wellsfargomobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.wf.wellsfargomobile.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.wellsFargo.ceomobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.usbank.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.usaa.mobile.android.usaa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.suntrust.mobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.moneybookers.skrillpayments.neteller
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.moneybookers.skrillpayments
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.clairmail.fth
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.konylabs.capitalone
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.yinzcam.facilities.verizon
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.chase.sig.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.infonow.bofa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bankofamerica.cashpromobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: uk.co.bankofscotland.businessbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.grppl.android.shell.BOS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.natwestoffshore
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.natwest
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.natwestbandc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.investisir
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.phyder.engage
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.rbs
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.rbsbandc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: uk.co.santander.santanderUK
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: uk.co.santander.businessUK.bb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.sovereign.santander
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ifs.banking.fiid4202
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.fi6122.godough
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.rbs.mobile.android.ubr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.htsu.hsbcpersonalbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.grppl.android.shell.halifax
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.grppl.android.shell.CMBlloydsTSB73
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.barclays.android.barclaysmobilebanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.unionbank.ecommerce.mobile.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.unionbank.ecommerce.mobile.commercial.legacy
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.snapwork.IDBI
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.idbibank.abhay_card
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: src.com.idbi
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.idbi.mpassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.ing.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.snapwork.hdfc
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.sbi.SBIFreedomPlus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: hdfcbank.hdfcquickbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.csam.icici.bank.imobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: in.co.bankofbaroda.mpassbook
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.axis.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: cz.csob.smartbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: cz.sberbankcz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: sk.sporoapps.accounts
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: sk.sporoapps.skener
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cleverlance.csas.servis24
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: org.westpac.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: nz.co.westpac
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.suncorp.SuncorpBank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: org.stgeorge.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: org.banksa.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.newcastlepermanent
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.nab.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.mebank.banking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.ingdirect.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: MyING.be
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.imb.banking2
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.fusion.ATMLocator
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.cua.mb
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.commbank.netbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cba.android.netbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.citibank.mobile.au
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.citibank.mobile.uk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.citi.citimobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: org.bom.bank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bendigobank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: me.doubledutch.hvdnz.cbnationalconference2016
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: au.com.bankwest.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bankofqueensland.boq
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.anz.android.gomoney
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.anz.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.anz.SingaporeDigitalBanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.anzspot.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.crowdcompass.appSQ0QACAcYJ
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.arubanetworks.atmanz
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.quickmobile.anzirevents15
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.volksbank.volksbankmobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: it.volksbank.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: it.secservizi.mobile.atime.bpaa
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.fiducia.smartphone.android.securego.vr
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.isis_papyrus.raiffeisen_pay_eyewdg
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.easybank.mbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.easybank.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.easybank.securityapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.bawag.mbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bawagpsk.securityapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: at.psa.app.bawag
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.pozitron.iscep
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.vakifbank.mobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.pozitron.vakifbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.starfinanz.smob.android.sfinanzstatus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.starfinanz.mobile.android.pushtan
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.entersekt.authapp.sparkasse
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.starfinanz.smob.android.sfinanzstatus.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.starfinanz.smob.android.sbanking
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.palatine.android.mobilebanking.prod
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.laposte.lapostemobile
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: fr.laposte.lapostetablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cm_prod.bad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cm_prod.epasal
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cm_prod_tablet.bad
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.cm_prod.nosactus
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: mobi.societegenerale.mobile.lappli
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bbva.netcash
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bbva.bbvacontigo
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bbva.bbvawallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.bancosantander.apps
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.santander.app
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.cm.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: es.cm.android.tablet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bankia.wallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.btcturk
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.tmob.denizbank
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.binance.dev
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.binance.odapplications
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.blockfolio.blockfolio
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.crypter.cryptocyrrency
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: io.getdelta.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.edsoftapps.mycoinsvalue
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.coin.profit
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.mal.saul.coinmarketcap
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.tnx.apps.coinportfolio
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.coinbase.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.portfolio.coinbase_tracker
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: de.schildbach.wallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: piuk.blockchain.android
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: info.blockchain.merchant
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.jackpf.blockchainsearch
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.unocoin.unocoinwallet
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.unocoin.unocoinmerchantPoS
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.thunkable.android.santoshmehta364.UNOCOIN_LIVE
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: wos.com.zebpay
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.localbitcoinsmbapp
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.thunkable.android.manirana54.LocalBitCoins
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.thunkable.android.manirana54.LocalBitCoins_unblock
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.localbitcoins.exchange
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.coins.bit.local
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.coins.ful.bit
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.jamalabbasii1998.localbitcoin
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: zebpay.Application
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.bitcoin.ss.zebpayindia
Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;	Method string: com.kryptokit.jaxx

Source: Lanubis/bot/myapplication/StoreStringClass;->GetAPP(Landroid/content/Context;)Ljava/lang/String;

Method String: at.spardat.netbanking, com.bankaustria.android.olb, com.scotiabank.mobile, cz.airbank.android, eu.inmite.prj.kb.mobilbank, com.bankinter.launcher, com.kutxabank.android, com.dbs.hk.dbsmbanking, com.scb.breezebanking.hk, hk.com.hsbc.hsbchkmobilebanking, jp.co.aeonbank.android.passbook, jp.co.rakuten_bank.rakutenbank, jp.co.sevenbank.AppPassbook, nz.co.anz.android.mobilebanking, nz.co.bnz.droidbanking, nz.co.kiwibank.mobile, com.getingroup.mobilebanking, eu.eleader.mobilebanking.pekao.firm, eu.eleader.mobilebanking.pekao, eu.eleader.mobilebanking.raiffeisen, com.comarch.mobile.banking.bgzbnpparibas.biznes, com.comarch.security.mobilebanking, eu.eleader.mobilebanking.invest, pl.aliorbank.aib, pl.bosbank.mobile, pl.bps.bankowoscmobilna, pl.fmbank.smart, pl.ideabank.mobilebanking, com.magiclick.odeabank, com.vakifbank.mobilel, tr.com.sekerbilisim.mbank, ru.rosbank.android, ru.simpls.brs2.mobbank, ru.alfabank.oavdo.amc, ru.ftc.faktura.expressbank, ru.ftc.faktura.jur.expressbank, ru.gazprombank.android.mobilebank.app, com.prime.app.gazprombank, com.bssys.mbcphone.gpbank, ru.psbank.msb.dev.psb_appstore, ru.sovcombank.online.chatbanklight, ru.ftc.faktura.expertbank, ru.ftc.faktura.jur.expertbank, may.maybank.android, ru.sberbank.spasibo, ru.sberbank.mobileoffice, ru.sberbank.sberbankir, ru.alfabank.mobile.android, ru.alfabank.sense, ru.tcsbank.c2c, ru.vtb24.mobilebanking.android, com.vtb.mobilebank, com.akbank.android.apps.akbank_direkt, com.akbank.android.apps.akbank_direkt_tablet, com.akbank.softotp, com.akbank.android.apps.akbank_direkt_tablet_20, com.fragment.akbank, com.softtech.isbankasi, com.monitise.isbankmoscow, com.finansbank.mobile.cepsube, com.garanti.cepbank, com.garantibank.cepsubesiro, com.tmobtech.halkbank, com.DijitalSahne.EnYakinHalkbank, de.ingdiba.bankingapp, de.commerzbanking.mobil, com.db.mm.deutschebank, de.postbank.finanzassistent, de.fiducia.smartphone.android.banking.vr, com.caisseepargne.android.mobilebanking, com.usbank.mobilebanking, com.suntrust.mobilebanking, com.bankofamerica.cashpromobile, uk.co.bankofscotland.businessbank, com.ifs.banking.fiid4202, com.htsu.hsbcpersonalbanking, com.barclays.android.barclaysmobilebanking, com.unionbank.ecommerce.mobile.android, com.unionbank.ecommerce.mobile.commercial.legacy, com.idbibank.abhay_card, com.csam.icici.bank.imobile, in.co.bankofbaroda.mpassbook, cz.csob.smartbanking, org.westpac.bank, org.stgeorge.bank, org.banksa.bank, au.com.mebank.banking, com.imb.banking2, com.commbank.netbank, com.cba.android.netbank, com.citibank.mobile.au, com.citibank.mobile.uk, org.bom.bank, com.bendigobank.mobile, au.com.bankwest.mobile, com.bankofqueensland.boq, at.volksbank.volksbankmobile, it.volksbank.android, at.easybank.mbanking, at.easybank.tablet, at.easybank.securityapp, at.bawag.mbanking, com.vakifbank.mobile, com.pozitron.vakifbank, com.starfinanz.smob.android.sbanking, com.palatine.android.mobilebanking.prod, com.bankia.wallet, it.bnl.apps.banking, it.gruppocariparma.nowbanking, com.trio

Source: submitted apk

Request permission: android.permission.GET_TASKS

Source: Lanubis/bot/myapplication/ServiceAccessibility;->clickOkButton(Landroid/view/accessibility/AccessibilityNodeInfo;I)Ljava/util/List;	Method string: "com.android.vending"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V	Method string: "com.imo.android.imoim,com.twitter.android"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V	Method string: "com.imo.android.imoim,com.twitter.android"

Source: anubis.bot.myapplication.ServiceInjections;->getTopApp	getRunningTasks and getPackageName invocations in same method: anubis.bot.myapplication.ServiceInjections;->getTopApp:8, anubis.bot.myapplication.ServiceInjections;->getTopApp:13
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp	getRunningTasks and getPackageName invocations in same method: anubis.bot.myapplication.ServiceInjections;->getTopApp:8, anubis.bot.myapplication.ServiceInjections;->getTopApp:13

Spam, unwanted Advertisements and Ransom Demands:

Tries to disable the administrator user

Show sources

Source: anubis.bot.myapplication.API.Admin.ActivityAdmin;->onCreate:25

API Call: android.app.admin.DevicePolicyManager.removeActiveAdmin

Source: anubis.bot.myapplication.Activity.ActivityStartUSSD;->onCreate:21

API Call: anubis.bot.myapplication.Activity.ActivityStartUSSD.startActivity

Source: submitted apk

Request permission: android.permission.CALL_PHONE

Source: submitted apk

Request permission: android.permission.SEND_SMS

Source: submitted apk

Request permission: android.permission.WRITE_SMS

Source: Lanubis/bot/myapplication/ServiceAccessibility;->clickOkButton(Landroid/view/accessibility/AccessibilityNodeInfo;I)Ljava/util/List;	Method string: "com.android.vending"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V	Method string: "com.imo.android.imoim,com.twitter.android"
Source: Lanubis/bot/myapplication/ServiceAccessibility$2;->run()V	Method string: "com.imo.android.imoim,com.twitter.android"

Source: anubis.bot.myapplication.UtilsClass;->sendSMS:1437

API Call: android.telephony.SmsManager.sendMultipartTextMessage

Operating System Destruction:

Deletes other packages

Show sources

Source: anubis.bot.myapplication.Activity.ActivityAlert2;->onCreate:56

API Call: anubis.bot.myapplication.Activity.ActivityAlert2.startActivity

Source: anubis.bot.myapplication.ServiceCryptFiles;->openDir:174	API Calls in same method context: File.listFiles,File.delete
Source: anubis.bot.myapplication.ServiceCryptFiles;->getDir:43	API Calls in same method context: File.listFiles,File.delete

Source: classes.dex	String found in binary or memory: Landroid/app/KeyguardManager;
Source: classes.dex	String found in binary or memory: Landroid/app/KeyguardManager;)Landroid/app/Notification$Action$Builder;!Landroid/app/Notification$Action;*Landroid/app/Notification$BigPictureStyle;'Landroid/app/Notification$BigTextStyle;"Landroid/app/Notification$Builder;3Landroid/app/Notification$DecoratedCustomViewStyle;%Landroid/app/Notification$InboxStyle;1Landroid/app/Notification$MessagingStyle$Message;)Landroid/app/Notification$MessagingStyle; Landroid/app/Notification$Style;
Source: classes.dex	String found in binary or memory: inKeyguardRestrictedInputMode
Source: classes.dex	String found in binary or memory: isKeyguardLocked
Source: classes.dex	String found in binary or memory: keyguard
Source: classes.dex	String found in binary or memory: keyguardkeylogger

Source: anubis.bot.myapplication.Alarm.EndlessService;->startService:72	API Call: android.os.PowerManager$WakeLock.acquire
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:102	API Call: android.os.PowerManager$WakeLock.acquire

Source: anubis.bot.myapplication.Activity.ActivityStartUSSD;->onCreate:24	API Call: android.media.AudioManager.setRingerMode("0")
Source: anubis.bot.myapplication.UtilsClass;->StopSound:762	API Call: android.media.AudioManager.setRingerMode("0")

Source: anubis.bot.myapplication.UtilsClass;->startCustomTimer:65

API Call: android.app.AlarmManager.setRepeating

System Summary:

Requests to ignore battery optimizations

Show sources

Source: Lanubis/bot/myapplication/StartWhileRequest;->onHandleIntent(Landroid/content/Intent;)V	Method string: "android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
Source: Lanubis/bot/myapplication/Receiver/ReceiverAlarm;->StartReceive(Landroid/content/Context;Landroid/content/Intent;)V	Method string: "android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"

Source: anubis.bot.myapplication.LogSrv;->cycle:5	API Call: java.lang.Runtime.exec ("logcat -dv color")
Source: anubis.bot.myapplication.LogSrv;->cycle:34	API Call: java.lang.Runtime.exec ("logcat -c")

Source: submitted apk

Request permission: android.permission.PACKAGE_USAGE_STATS

Source: submitted apk	Request permission: android.permission.ACCESS_FINE_LOCATION
Source: submitted apk	Request permission: android.permission.CALL_PHONE
Source: submitted apk	Request permission: android.permission.GET_TASKS
Source: submitted apk	Request permission: android.permission.INTERNET
Source: submitted apk	Request permission: android.permission.READ_CONTACTS
Source: submitted apk	Request permission: android.permission.READ_PHONE_STATE
Source: submitted apk	Request permission: android.permission.READ_SMS
Source: submitted apk	Request permission: android.permission.RECEIVE_SMS
Source: submitted apk	Request permission: android.permission.RECORD_AUDIO
Source: submitted apk	Request permission: android.permission.SEND_SMS
Source: submitted apk	Request permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apk	Request permission: android.permission.WAKE_LOCK
Source: submitted apk	Request permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: submitted apk	Request permission: android.permission.WRITE_SMS

Source: classification engine

Classification label: mal100.rans.troj.spyw.evad.andAPK@0/252@1/0

Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "Interval": null
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "swspacket": null
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "interval": 10000
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "time_work": 0
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "urls": NzNkZDUwNGQ4NDhlMWEzYTNhOGM5N2JjZjM1NjI4YzExMzE3YzA3MzFkYTU=
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "isAccessbility": false
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "startRequest": Access=0Perm=0
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "screen": on
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "StringAccessibility": Enable access for
Source: anubis.bot.myapplication.UtilsClass;->SetRead:744	API Call: "perehvat_sws": false
Source: anubis.bot.myapplication.Alarm.ServiceState;->getServiceState:14	API Call: android.content.SharedPreferences.getString

Source: anubis.bot.myapplication.ServicePedometer;->onCreate:10	API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onSensorChanged:15	API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onSensorChanged:18	API Call: android.hardware.SensorManager.registerListener
Source: anubis.bot.myapplication.ServicePedometer;->onStartCommand:28	API Call: android.hardware.SensorManager.registerListener

Source: Lanubis/bot/myapplication/StoreStringClass;-><clinit>()V

Method string: [az]Eri\u015fimi aktivl\u0259\u015fdirin::[sq]Aktivizo aksesin p\u00ebr::[am]\u1218\u12f3\u1228\u123b \u1208 \u12eb\u1295\u1241::[en]Enable access for::[ar]\u062a\u0645\u0643\u064a\u0646 \u0627\u0644\u0648\u0635\u0648\u0644 \u0644\u0640\u0649::[hy]\u0544\ Length: 6244

Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:486	API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:517	API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:551	API Call: java.lang.reflect.Method.invoke
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:588	API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->readFromParcel:56	API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->writeToParcel:117	API Call: java.lang.reflect.Method.invoke

Source: anubis.bot.myapplication.LogSrv;->cycle:20	API Call: java.io.FileWriter.<init>
Source: anubis.bot.myapplication.ServiceCommands;->clearFile:8	API Call: anubis.bot.myapplication.ServiceCommands.openFileOutput
Source: anubis.bot.myapplication.ServiceAccessibility;->clearFile:99	API Call: anubis.bot.myapplication.ServiceAccessibility.openFileOutput
Source: anubis.bot.myapplication.ServiceAccessibility;->writeFile:943	API Call: anubis.bot.myapplication.ServiceAccessibility.openFileOutput

Source: submitted apk

Request permission: android.permission.RECEIVE_BOOT_COMPLETED

Source: anubis.bot.myapplication.Alarm.EndlessService;->startService:71	API Call: android.os.PowerManager.newWakeLock
Source: anubis.bot.myapplication.StartWhileGlobal;->onHandleIntent:101	API Call: android.os.PowerManager.newWakeLock

Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:55	API Call: anubis.bot.myapplication.MainApplication.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->R_CWC:26	API Call: android.content.Context.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:52	API Call: android.content.Context.startService (not executed)
Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:75	API Call: android.content.Context.startService (not executed)

Hooking and other Techniques for Hiding and Protection:

Protects itself from removal

Show sources

Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:829

API Calls in same method context: AccessibilityNodeInfo.findAccessibilityNodeInfosByText,AccessibilityEvent.getPackageName

Removes its application launcher (likely to stay hidden)

Show sources

Source: anubis.bot.myapplication.Activity.MainActivity;->onCreate:33

API Call: android.content.pm.PackageManager.setComponentEnabledSetting

Source: submitted apk

Request permission: android.permission.SYSTEM_ALERT_WINDOW

Source: submitted apk

Request permission: android.permission.GET_TASKS

Source: anubis.bot.myapplication.ServiceInjections;->getTopApp:8	API Call: android.app.ActivityManager.getRunningTasks
Source: anubis.bot.myapplication.ServiceInjections;->getTopApp:16	API Call: android.app.ActivityManager.getRunningAppProcesses

Malware Analysis System Evasion:

Tries to detect Android x86

Show sources

Source: Lanubis/bot/myapplication/UtilsClass;->isEmulator_1()Z

Method string: "Android SDK built for x86"

Tries to detect the analysis device (e.g. the Android emulator)

Show sources

Source: Lanubis/bot/myapplication/UtilsClass;->isEmulator_1()Z

Method string: "Emulator"

Source: anubis.bot.myapplication.ServiceCommands;->readCommand:30	Field Access: android.os.Build$VERSION.RELEASE
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:32	Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.ServiceCommands;->readCommand:36	Field Access: android.os.Build.PRODUCT
Source: anubis.bot.myapplication.UtilsClass;->getID_B:881	Field Access: android.os.Build.BOARD
Source: anubis.bot.myapplication.UtilsClass;->getID_B:884	Field Access: android.os.Build.BRAND
Source: anubis.bot.myapplication.UtilsClass;->getID_B:887	Field Access: android.os.Build.CPU_ABI
Source: anubis.bot.myapplication.UtilsClass;->getID_B:890	Field Access: android.os.Build.DEVICE
Source: anubis.bot.myapplication.UtilsClass;->getID_B:893	Field Access: android.os.Build.DISPLAY
Source: anubis.bot.myapplication.UtilsClass;->getID_B:896	Field Access: android.os.Build.HOST
Source: anubis.bot.myapplication.UtilsClass;->getID_B:899	Field Access: android.os.Build.ID
Source: anubis.bot.myapplication.UtilsClass;->getID_B:902	Field Access: android.os.Build.MANUFACTURER
Source: anubis.bot.myapplication.UtilsClass;->getID_B:905	Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->getID_B:908	Field Access: android.os.Build.PRODUCT
Source: anubis.bot.myapplication.UtilsClass;->getID_B:911	Field Access: android.os.Build.TAGS
Source: anubis.bot.myapplication.UtilsClass;->getID_B:914	Field Access: android.os.Build.TYPE
Source: anubis.bot.myapplication.UtilsClass;->getID_B:917	Field Access: android.os.Build.USER
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1281	Field Access: android.os.Build.FINGERPRINT
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1284	Field Access: android.os.Build.FINGERPRINT
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1287	Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1290	Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1293	Field Access: android.os.Build.MODEL
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1296	Field Access: android.os.Build.MANUFACTURER
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1299	Field Access: android.os.Build.BRAND
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1301	Field Access: android.os.Build.DEVICE
Source: anubis.bot.myapplication.UtilsClass;->isEmulator_1:1303	Field Access: android.os.Build.PRODUCT

Source: anubis.bot.myapplication.LogSrv;->cycle:5	API Call: java.lang.Runtime.exec ("logcat -dv color")
Source: anubis.bot.myapplication.LogSrv;->cycle:34	API Call: java.lang.Runtime.exec ("logcat -c")

Source: anubis.bot.myapplication.Alarm.EndlessService;->pingFakeServer:30	API Call: android.provider.Settings$Secure.getString
Source: anubis.bot.myapplication.UtilsClass;->ID_B:77	API Call: android.provider.Settings$Secure.getString

Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:481	API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotification:483	API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:511	API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibNotificationPush:513	API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:545	API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibPlayProtect:547	API Call: dalvik.system.DexClassLoader.loadClass (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:582	API Call: dalvik.system.DexClassLoader.<init> (not executed)
Source: anubis.bot.myapplication.UtilsClass;->LoadLibSocks5:584	API Call: dalvik.system.DexClassLoader.loadClass (not executed)

Source: anubis.bot.myapplication.ServiceCommands;->readCommand:42	API Call: android.telephony.TelephonyManager.getNetworkCountryIso
Source: anubis.bot.myapplication.UtilsClass;->country:829	API Call: android.telephony.TelephonyManager.getNetworkCountryIso

Source: anubis.bot.myapplication.ServiceCommands;->readCommand:50

API Call: android.telephony.TelephonyManager.getNetworkOperatorName

Source: anubis.bot.myapplication.ServiceCommands;->readCommand:55

API Call: android.telephony.TelephonyManager.getLine1Number

Stealing of Sensitive Information:

Uses accessibility services (likely to control other applications)

Show sources

Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:561	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:587	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:595	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:618	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:641	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:658	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:683	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:693	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:707	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:717	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Source: anubis.bot.myapplication.ServiceAccessibility;->onAccessibilityEvent:725	API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText

Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->R_CWC:14

API Call: android.telephony.SmsMessage.createFromPdu

Source: submitted apk

Request permission: android.permission.READ_CONTACTS

Source: submitted apk

Request permission: android.permission.READ_SMS

Source: submitted apk

Request permission: android.permission.READ_PHONE_STATE

Source: submitted apk

Request permission: android.permission.RECEIVE_SMS

Source: .Receiver.ReceiverBoot

Registered receiver: android.provider.Telephony.SMS_RECEIVED

Source: anubis.bot.myapplication.ServiceDeleteSMS;->DelIndox:4	API Call: android.net.Uri.parse("content://sms/inbox")
Source: anubis.bot.myapplication.ServiceDeleteSMS;->DelSent:30	API Call: android.net.Uri.parse("content://sms/sent")

Source: anubis.bot.myapplication.Kill$1;->run:5	API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.StoreStringClass;->GetAPP:165	API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.UtilsClass;->getApps:849	API Call: android.content.pm.PackageManager.getInstalledApplications
Source: anubis.bot.myapplication.UtilsClass;->isAppInstalled:1243	API Call: android.content.pm.PackageManager.getInstalledApplications

Source: anubis.bot.myapplication.Activity.ActivityGetNumber;->getNumber:10	Field access: android.provider.ContactsContract$CommonDataKinds$Phone.CONTENT_URI
Source: anubis.bot.myapplication.Activity.ActivityGetNumber;->getNumberG0_CWC:66	Field access: android.provider.ContactsContract$CommonDataKinds$Phone.CONTENT_URI

Source: anubis.bot.myapplication.LogSrv;->cycle:23

API Call: java.io.BufferedReader.readLine

Source: anubis.bot.myapplication.API.Sound.ServiceRecordSound;->recordAudio:65	API Call: android.media.MediaRecorder.setOutputFile
Source: anubis.bot.myapplication.API.Sound.ServiceStreamSound;->recordAudio:72	API Call: android.media.MediaRecorder.setOutputFile

Source: submitted apk

Request permission: android.permission.ACCESS_FINE_LOCATION

Source: anubis.bot.myapplication.Receiver.ReceiverBoot;->StartReceive:79

API Call: java.lang.String.equals android.provider.Telephony.SMS_RECEIVED

Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound$1;->run()V	Method string: "stop record sound"
Source: Lanubis/bot/myapplication/API/Spam/ServiceSpamSMS;->onHandleIntent(Landroid/content/Intent;)V	Method string: "sendsms"
Source: Lanubis/bot/myapplication/UtilsClass;->LoadLibSocks5(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V	Method string: "socksstart"
Source: Lanubis/bot/myapplication/StoreStringClass;-><init>()V	Method string: "android.permission.send_sms"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound;->recordAudio(Landroid/content/Context;Ljava/lang/String;I)V	Method string: "start record sound"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound$1;->run()V	Instruction: "const-string v4, "stop record sound""
Source: Lanubis/bot/myapplication/ServiceDeleteSMS;->onStartCommand(Landroid/content/Intent;II)I	Instruction: "lanubis/bot/myapplication/servicedeletesms;->deletesms(landroid/content/context;ljava/lang/string;ljava/lang/string;)v"
Source: Lanubis/bot/myapplication/API/Spam/ServiceSenderSpamSMS;->onStartCommand(Landroid/content/Intent;II)I	Instruction: "lanubis/bot/myapplication/utilsclass;->sendsms(landroid/content/context;ljava/lang/string;ljava/lang/string;)v"
Source: Lanubis/bot/myapplication/UtilsClass;->LoadLibSocks5(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V	Instruction: "const-string v1, "socksstart""
Source: Lanubis/bot/myapplication/StoreStringClass;-><init>()V	Instruction: "iput-object v0, p0, lanubis/bot/myapplication/storestringclass;->send_sms:[ljava/lang/string;"
Source: Lanubis/bot/myapplication/API/Sound/ServiceStreamSound;->recordAudio(Landroid/content/Context;Ljava/lang/String;I)V	Instruction: "const-string v2, "start record sound""

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Path Interception	Application Discovery2	Input Capture1	System Network Connections Discovery1	Remote Services	Access Contact List1	Exfiltration Over Other Network Medium	Encrypted Channel1	Exploit SS7 to Redirect Phone Calls/SMS2	Remotely Track Device Without Authorization	Delete Device Data11
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	Capture SMS Messages2	Location Tracking11	Remote Desktop Protocol	Location Tracking11	Exfiltration Over Bluetooth	Non-Standard Port1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Carrier Billing Fraud1
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Application Discovery2	SMB/Windows Admin Shares	Capture Audio21	Automated Exfiltration	Non-Application Layer Protocol1	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Information Discovery1	Distributed Component Object Model	Network Information Discovery1	Scheduled Transfer	Application Layer Protocol2	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	Software Packing	LSA Secrets	Process Discovery1	SSH	Input Capture1	Data Transfer Size Limits	Fallback Channels	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	Steganography	Cached Domain Credentials	System Owner/User Discovery	VNC	Capture SMS Messages2	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report CoronaWarnApp.apk

Overview

General Information

Detection

Signatures

Classification

Yara Overview

Signature Overview

AV Detection:

Location Tracking:

Privilege Escalation:

Spreading:

Networking:

Key, Mouse, Clipboard, Microphone and Screen Capturing:

E-Banking Fraud:

Spam, unwanted Advertisements and Ransom Demands:

Operating System Destruction:

Change of System Appearance:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Boot Survival:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

HIPS / PFW / Operating System Protection Evasion:

Language, Device and Operating System Detection:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Screenshots

Thumbnails