According to cyware, Zanubis malware pretends to be a malicious PDF application. The threat actor uses it as a key to decrypt responses received from the C2 server.
|2022-12-07 ⋅ K7 Security ⋅ |
An upsurge of new Android Banking Trojan “Zanubis”
There is no Yara-Signature yet.