SYMBOLCOMMON_NAMEaka. SYNONYMS
win.anubis (Back to overview)

Anubis

aka: Anubis Stealer

According to Microsoft Security Intelligence, Anubis is an information stealer sold on underground forums since June 2020. The name overlaps with the Android banking malware but is unrelated. It contains code forked from Loki PWS.

References
2021-05-02Cybleinccybleinc
@online{cybleinc:20210502:mobile:8f117f2, author = {cybleinc}, title = {{Mobile Malware App Anubis Strikes Again, Continues to Lure Users Disguised as a Fake Antivirus}}, date = {2021-05-02}, organization = {Cybleinc}, url = {https://cybleinc.com/2021/05/02/mobile-malware-app-anubis-strikes-again-continues-to-lure-users-disguised-as-a-fake-antivirus/}, language = {English}, urldate = {2021-05-03} } Mobile Malware App Anubis Strikes Again, Continues to Lure Users Disguised as a Fake Antivirus
Anubis
2020-08-27Twitter (@MsftSecIntel)Microsoft Security Intelligence
@online{intelligence:20200827:anubis:e53422c, author = {Microsoft Security Intelligence}, title = {{Tweet on Anubis Stealer}}, date = {2020-08-27}, organization = {Twitter (@MsftSecIntel)}, url = {https://twitter.com/MsftSecIntel/status/1298752223321546754}, language = {English}, urldate = {2020-09-01} } Tweet on Anubis Stealer
Anubis
2020-05-31The RecordCatalin Cimpanu
@online{cimpanu:20200531:russian:2bdcc02, author = {Catalin Cimpanu}, title = {{Russian hacker Pavel Sitnikov arrested for sharing malware source code}}, date = {2020-05-31}, organization = {The Record}, url = {https://therecord.media/russian-hacker-pavel-sitnikov-arrested-for-sharing-malware-source-code/}, language = {English}, urldate = {2021-06-09} } Russian hacker Pavel Sitnikov arrested for sharing malware source code
Anubis

There is no Yara-Signature yet.