axbanker | 215c2663ff556f27eaf55d61f754d72938635d1901b7c8e2be64b66181e801bf | Triage

Analysis

max time kernel
1449774s
max time network
132s
platform
android_x86
resource
android-x86-arm-20231020-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231020-enlocale:en-usos:android-9-x86system
submitted
22/10/2023, 07:43

Sharing

Report Analysis Logs

General

Target

k.apk
Size

8.0MB
MD5

7eea6c20b5df04e4dc63a18bd963c0f7
SHA1

7be6bef5f87f915cc5286adc1221678d4c090e26
SHA256

215c2663ff556f27eaf55d61f754d72938635d1901b7c8e2be64b66181e801bf
SHA512

4aad11aae512368cdb4d8d46d9c56991b7e24687140de91c8cdbf59dc9c3f9e0e160e853830840733a357ebad6e8385417a68b077bbab470afac73a944b7b915
SSDEEP

196608:+KKroXNaIN5OT5G8Iz7NxJlJqCcAZs55Ks9t:FK0XwIN5G5Qz/JJs55Ks9t

Score

10^/10

axbanker banker infostealer

Malware Config

Extracted

Family

axbanker

C2

https://addnow.co.in/api/user/step1

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS

com.mxtech.videoplayer
1⤵
PID:4246

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mxtech.videoplayer/files/hook.apk

Filesize
3.3MB

MD5
f2ae4a29dbfc250dd10151db321025c0

SHA1
8b9163ab9c65399c6cdbab2e9837988026b8b0c3

SHA256
c708b795b932ed551b14a727b6b75e05b07935b79e49d9489671fb926d096975

SHA512
1ae120d361b55d5154a16e1d48a9059fca36b7e72099da3c4727f1927f8c4d77072f02b4ed8d0156466e5c6ec0765cdccf862b8f06eb8e2c729b767ef08b9fa5

Download Submit