com.play.googleprotect.SplashActivity
android.intent.action.MAIN
General
-
Target
axis-rewards-offer.apk
-
Size
5.8MB
-
MD5
7bdc564c79150b00403fb1f265b0ffa7
-
SHA1
9d49d98c82bb636009e6e62b140a381f91059494
-
SHA256
44ff8737b442f65e1665f93a009b42ae21eec4614c94e0de2ea27b85250e908c
-
SHA512
da2d7959faf43670c5b86a079672577144efab240d95a9bb5b0a6654715483a92904ddc16b3a57a53e633055fbb634414f839856b7cb4c7267daa939d3a6bd29
-
SSDEEP
98304:XcVM74chL3EQPCEqOD3PKSWHrkeYzodY9DTEnPOKScrZEJBaoLi3Esr0di:XF7ZPCERjifHBAode+PO3cryJ4ofi
Score
10/10
Malware Config
Extracted
Family
axbanker
C2
https://edgecredits.in/api/user/step2
https://newax-d7dc6-default-rtdb.firebaseio.com
Signatures
-
Axbanker family
-
Requests dangerous framework permissions 4 IoCs
Files
-
axis-rewards-offer.apk
com.play.googleprotect
com.play.googleprotect.SplashActivity
-
baseline.prof
-
baseline.profm
Android Permissions
axis-rewards-offer.apk
Permissions
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS