axbanker | 1a347d46ba42c55307fe47be270ecaf7[.]apk

General

Target

1a347d46ba42c55307fe47be270ecaf7.apk
Size

3.3MB
MD5

1a347d46ba42c55307fe47be270ecaf7
SHA1

c621704862a3a3a789a0fe4fe824e29250684cfb
SHA256

4c968691fc556620c61e1122aeddca4d88670df5b1146f24bce61db5f4c512c9
SHA512

93c6682db0334de147bf4c75aa130b3d8c970628e98e8614fab9add8d866474578a6502a7da37a2b5ef0899f547aff0a114ef5c47dc1c6646b3d0f8984230f0e
SSDEEP

98304:FZO20uJ7LvEqw5KD24DFTT/OAtWc80NjGCuAtu:/O2JBLMw24t2AgcpKCjE

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

C2

https://superp.in/api/user/step1

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

1a347d46ba42c55307fe47be270ecaf7.apk
.apk android

com.ideopay.user

com.ideopay.user.SplashActivity

Activities

com.ideopay.user.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
com.ideopay.user.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.ideopay.user.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services

Android Permissions

1a347d46ba42c55307fe47be270ecaf7.apk

Permissions

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

com.ideopay.user.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Extracted

Signatures

Files

com.ideopay.user

com.ideopay.user.SplashActivity

Activities

com.ideopay.user.SplashActivity

Permissions

Receivers

com.ideopay.user.MyReceiver

Services

Android Permissions

1a347d46ba42c55307fe47be270ecaf7.apk