1. Home
  2. Software
  3. Asacub

Asacub

Asacub is a banking trojan that attempts to steal money from victims’ bank accounts. It attempts to do this by initiating a wire transfer via SMS message from compromised devices.[1]

ID: S0540
Associated Software: Trojan-SMS.AndroidOS.Smaps
Type: MALWARE
Platforms: Android
Version: 1.0
Created: 14 December 2020
Last Modified: 16 December 2020
Version Permalink

Associated Software Descriptions

Name Description
Trojan-SMS.AndroidOS.Smaps

[1]
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1626 .001 Abuse Elevation Control Mechanism: Device Administrator Permissions

Asacub can request device administrator permissions.[1]
Mobile T1437 .001 Application Layer Protocol: Web Protocols

Asacub has communicated with the C2 using HTTP POST requests.[1]
Mobile T1532 Archive Collected Data

Asacub has encrypted C2 communications using Base64-encoded RC4.[1]
Mobile T1655 .001 Masquerading: Match Legitimate Name or Location

Asacub has masqueraded as a client of popular free ads services.[1]
Mobile T1575 Native API

Asacub has implemented functions in native code.[1]
Mobile T1406 Obfuscated Files or Information

Asacub has stored encrypted strings in the APK file.[1]
Mobile T1636 .003 Protected User Data: Contact List

Asacub can collect the device’s contact list.[1]
.004 Protected User Data: SMS Messages

Asacub can collect SMS messages as they are received.[1]
Mobile T1582 SMS Control

Asacub can send SMS messages from compromised devices.[1]

Mobile T1426 System Information Discovery

Asacub can collect various pieces of device information, including device model and OS version.[1]
Mobile T1422 System Network Configuration Discovery

Asacub can collect various pieces of device network configuration information, such as mobile network operator.[1]
.001 Internet Connection Discovery

Asacub can collect various pieces of device network configuration information, such as mobile network operator.[1]

References

  1. T. Shishkova. (2018, August 28). The rise of mobile banker Asacub. Retrieved December 14, 2020.