SYMBOLCOMMON_NAMEaka. SYNONYMS
win.anubis (Back to overview)

Anubis

aka: Anubis Stealer

According to Microsoft Security Intelligence, Anubis is an information stealer sold on underground forums since June 2020. The name overlaps with the Android banking malware but is unrelated. It contains code forked from Loki PWS.

References
2022-08-08Medium CSIS TechblogBenoît Ancel
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure
Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader
2021-05-02Cybleinccybleinc
Mobile Malware App Anubis Strikes Again, Continues to Lure Users Disguised as a Fake Antivirus
Anubis
2020-08-27Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Anubis Stealer
Anubis
2020-05-31The RecordCatalin Cimpanu
Russian hacker Pavel Sitnikov arrested for sharing malware source code
Anubis

There is no Yara-Signature yet.