Overview

overview

10

Static

static

10

Cinepia Plus_1.1.apk

android-11-x64

7

AC.json

android-11-x64

AD.json

android-11-x64

AE.json

android-11-x64

AF.json

android-11-x64

AG.json

android-11-x64

AI.json

android-11-x64

AL.json

android-11-x64

AM.json

android-11-x64

AO.json

android-11-x64

AQ.json

android-11-x64

AR.json

android-11-x64

AT.json

android-11-x64

AU.json

android-11-x64

AW.json

android-11-x64

AX.json

android-11-x64

AZ.json

android-11-x64

BA.json

android-11-x64

BB.json

android-11-x64

BD.json

android-11-x64

BE.json

android-11-x64

BF.json

android-11-x64

BG.json

android-11-x64

BH.json

android-11-x64

BI.json

android-11-x64

BJ.json

android-11-x64

BL.json

android-11-x64

BM.json

android-11-x64

BN.json

android-11-x64

BO.json

android-11-x64

BQ.json

android-11-x64

BR.json

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cinepia Plus_1.1.apk

  • Size

    39.1MB

  • Sample

    231027-hkm8wscf9z

  • MD5

    08ea1dd393a9f4b1c4d18ea98e0a8420

  • SHA1

    73d9429d4ecf941279ea686de90697c9df7a5405

  • SHA256

    9fcefb4f8f0dd192d003c25f6558f19de9ab002941f0dfb266db3347fec1e694

  • SHA512

    373ea8dd3e8194f41d918af8842d6b11fd80aebb9bddffc2c3b798bd031e651b4c168af42304d6d249c84e3f155e69a3e9e81f29e672b92e6bd44ab4a270b933

  • SSDEEP

    786432:4Yzvjizw1welzEgxWmZT1y1hK10rIKxBcFwck5mrbcIV6CemWL:4YzvuMEqW1x9cack5+bgaS

Score
10/10
axbankerandroid

Malware Config

Extracted

Family

axbanker

C2

https://cinepiaplus-default-rtdb.firebaseio.com

Targets

    • Target

      Cinepia Plus_1.1.apk

    • Size

      39.1MB

    • MD5

      08ea1dd393a9f4b1c4d18ea98e0a8420

    • SHA1

      73d9429d4ecf941279ea686de90697c9df7a5405

    • SHA256

      9fcefb4f8f0dd192d003c25f6558f19de9ab002941f0dfb266db3347fec1e694

    • SHA512

      373ea8dd3e8194f41d918af8842d6b11fd80aebb9bddffc2c3b798bd031e651b4c168af42304d6d249c84e3f155e69a3e9e81f29e672b92e6bd44ab4a270b933

    • SSDEEP

      786432:4Yzvjizw1welzEgxWmZT1y1hK10rIKxBcFwck5mrbcIV6CemWL:4YzvuMEqW1x9cack5+bgaS

    Score
    7/10

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

    • Target

      AC.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral2

    • Target

      AD.json

    • Size

      354B

    • MD5

      040b0187daef873b569f3283d57f917e

    • SHA1

      d41938c6bc21ef0787bedde7948dddb3338e3162

    • SHA256

      69e7a3cbd1aa92c13e158b6af9e26031bd961153bf4132cb3349d6c7af9b708e

    • SHA512

      5b519efda31d71ba79d1c2fca228614054dc1e21ffbb947ebcf74a98b4b8138f05d5aadb05fc848e8be09d843edc33f2b1f8a7e264b78acb887dcc0c774e67a5

    Score
    1/10
    behavioral3

    • Target

      AE.json

    • Size

      234B

    • MD5

      1f78807deed6f85b093262af1b81ced4

    • SHA1

      6733d04740c18a7d77cecd1e8fe74e23a2bd77e9

    • SHA256

      f3fb968ddfa5e1752987bdaba337e3e9495755c2efd1ea108026e2e8a0ee7e87

    • SHA512

      00a2ff68d8c992006dc61aed2a1aab81f0148ce2539b91409ed3e7780445e65246bcea5fb2c601744f7d3428d3412d0a22ea1aacaa71f1705a6e5b8c87ee9642

    Score
    1/10
    behavioral4

    • Target

      AF.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral5

    • Target

      AG.json

    • Size

      222B

    • MD5

      396cd200376ea7b5bc4ff564198e8d0b

    • SHA1

      e4daaf3f0bc1e0cb57db438182a5b4d28234c6b6

    • SHA256

      d66d21022526506f01e1e673c6f58b1f4d1804a2a77b2ca809f129f17b3c481c

    • SHA512

      2ef9ac455d0aa8e8f0cde78a8e739e132537217c56833f4e3204cd439b1be953e85ffcfce11a1552c3c37d784c18b164bddc39df7b4f7d8ac6f5d37a774ddff2

    Score
    1/10
    behavioral6

    • Target

      AI.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral7

    • Target

      AL.json

    • Size

      354B

    • MD5

      040b0187daef873b569f3283d57f917e

    • SHA1

      d41938c6bc21ef0787bedde7948dddb3338e3162

    • SHA256

      69e7a3cbd1aa92c13e158b6af9e26031bd961153bf4132cb3349d6c7af9b708e

    • SHA512

      5b519efda31d71ba79d1c2fca228614054dc1e21ffbb947ebcf74a98b4b8138f05d5aadb05fc848e8be09d843edc33f2b1f8a7e264b78acb887dcc0c774e67a5

    Score
    1/10
    behavioral8

    • Target

      AM.json

    • Size

      471B

    • MD5

      f932b8b88d80e53d9786ea47b1eab17b

    • SHA1

      f2542a2d877e271dfc45ebd8d0931e39cd3a411e

    • SHA256

      45b15defd84e637c3c597d66e7668297c1ec1f036b340bf6d09abf9262f86dad

    • SHA512

      a66be2d85cd12de096ce5d964cfcdf22251c005a5a8f73055da7afa758d419aff73ce260d2bec69798e41891bb2894cd25c452fbb948d8aac16e4877f5848c4b

    Score
    1/10
    behavioral9

    • Target

      AO.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral10

    • Target

      AQ.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral11

    • Target

      AR.json

    • Size

      471B

    • MD5

      f932b8b88d80e53d9786ea47b1eab17b

    • SHA1

      f2542a2d877e271dfc45ebd8d0931e39cd3a411e

    • SHA256

      45b15defd84e637c3c597d66e7668297c1ec1f036b340bf6d09abf9262f86dad

    • SHA512

      a66be2d85cd12de096ce5d964cfcdf22251c005a5a8f73055da7afa758d419aff73ce260d2bec69798e41891bb2894cd25c452fbb948d8aac16e4877f5848c4b

    Score
    1/10
    behavioral12

    • Target

      AT.json

    • Size

      353B

    • MD5

      fc9b99750f0e5a32077f9608ba9c7b0c

    • SHA1

      6e8202e326cae378ac5763ef5b6ca663481593b0

    • SHA256

      8fda05e81fce2773108d0ff3689dd59bd19d5a0430abfe2dc2d2c5a06332dbf3

    • SHA512

      79c7ceb47ae1aefd54e5580f61fab652a304c3ef4b99cd8d129550360e25d419760209b9def16478d83feb453691678a8f2a56396ad78e78e644ea82be422f99

    Score
    1/10
    behavioral13

    • Target

      AU.json

    • Size

      476B

    • MD5

      c5c4e819715b3a1a44bfe30c5d957f73

    • SHA1

      f78c634f977e6e989158efa922a8ee3b4a6a58b1

    • SHA256

      281f22d1448f10367caec543e08ca08ef893b5a85089e2b658dc51ee4fd226d1

    • SHA512

      7b1cbbae45ebb0a30f754d46d541bb73a7186e318690f676b561708aeff0ec86da26f53922d12fab1338a5bbafcaab3c4dab241021961e45f6d848a5bc95d48b

    Score
    1/10
    behavioral14

    • Target

      AW.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral15

    • Target

      AX.json

    • Size

      353B

    • MD5

      fc9b99750f0e5a32077f9608ba9c7b0c

    • SHA1

      6e8202e326cae378ac5763ef5b6ca663481593b0

    • SHA256

      8fda05e81fce2773108d0ff3689dd59bd19d5a0430abfe2dc2d2c5a06332dbf3

    • SHA512

      79c7ceb47ae1aefd54e5580f61fab652a304c3ef4b99cd8d129550360e25d419760209b9def16478d83feb453691678a8f2a56396ad78e78e644ea82be422f99

    Score
    1/10
    behavioral16

    • Target

      AZ.json

    • Size

      354B

    • MD5

      040b0187daef873b569f3283d57f917e

    • SHA1

      d41938c6bc21ef0787bedde7948dddb3338e3162

    • SHA256

      69e7a3cbd1aa92c13e158b6af9e26031bd961153bf4132cb3349d6c7af9b708e

    • SHA512

      5b519efda31d71ba79d1c2fca228614054dc1e21ffbb947ebcf74a98b4b8138f05d5aadb05fc848e8be09d843edc33f2b1f8a7e264b78acb887dcc0c774e67a5

    Score
    1/10
    behavioral17

    • Target

      BA.json

    • Size

      354B

    • MD5

      040b0187daef873b569f3283d57f917e

    • SHA1

      d41938c6bc21ef0787bedde7948dddb3338e3162

    • SHA256

      69e7a3cbd1aa92c13e158b6af9e26031bd961153bf4132cb3349d6c7af9b708e

    • SHA512

      5b519efda31d71ba79d1c2fca228614054dc1e21ffbb947ebcf74a98b4b8138f05d5aadb05fc848e8be09d843edc33f2b1f8a7e264b78acb887dcc0c774e67a5

    Score
    1/10
    behavioral18

    • Target

      BB.json

    • Size

      470B

    • MD5

      8d210c04b9bc8e47e68feb186880f4cc

    • SHA1

      b5e1b9a3fe97fc9ba90d43be4d853e0f03b0adde

    • SHA256

      4435f1851c5ff069846dfd387e7e54d08787997c3b3bb10a2bb6a6d471477bed

    • SHA512

      27efdb6d804498403048806f4b094aa2aae3c6fc8e1d8d0020f641f9259882edfde3861de5ef7793658436a4cd808a84d54b09b1d0a55b0388656da2e83339b8

    Score
    1/10
    behavioral19

    • Target

      BD.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral20

    • Target

      BE.json

    • Size

      353B

    • MD5

      fc9b99750f0e5a32077f9608ba9c7b0c

    • SHA1

      6e8202e326cae378ac5763ef5b6ca663481593b0

    • SHA256

      8fda05e81fce2773108d0ff3689dd59bd19d5a0430abfe2dc2d2c5a06332dbf3

    • SHA512

      79c7ceb47ae1aefd54e5580f61fab652a304c3ef4b99cd8d129550360e25d419760209b9def16478d83feb453691678a8f2a56396ad78e78e644ea82be422f99

    Score
    1/10
    behavioral21

    • Target

      BF.json

    • Size

      328B

    • MD5

      091d759e670a90a4b680a0e26edfb92e

    • SHA1

      ed2db19a59baa1d3a0f4b0d0c64f71381bd64984

    • SHA256

      d66717dd5ddce0d2dda3fc7b4d380afd9ea60a98fa02f9b3daef16bdc79eeee5

    • SHA512

      47123984c25407e34b9c4d7887d560a0de81d9d65c865707f0c371a101b2c9ad156dc36a584b2f02ce86750ed7faf02a485b57c8c7a06b90fefc5b9afeb79643

    Score
    1/10
    behavioral22

    • Target

      BG.json

    • Size

      354B

    • MD5

      040b0187daef873b569f3283d57f917e

    • SHA1

      d41938c6bc21ef0787bedde7948dddb3338e3162

    • SHA256

      69e7a3cbd1aa92c13e158b6af9e26031bd961153bf4132cb3349d6c7af9b708e

    • SHA512

      5b519efda31d71ba79d1c2fca228614054dc1e21ffbb947ebcf74a98b4b8138f05d5aadb05fc848e8be09d843edc33f2b1f8a7e264b78acb887dcc0c774e67a5

    Score
    1/10
    behavioral23

    • Target

      BH.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral24

    • Target

      BI.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral25

    • Target

      BJ.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral26

    • Target

      BL.json

    • Size

      460B

    • MD5

      638184a7847726343b5279f0450f153b

    • SHA1

      22c67735ec3e71cded2cf1e968db3e51aee74dd4

    • SHA256

      5256628f6ebf857dd9bbabe7680346f34e7ceb6824d1740e1da4351bcdee6aca

    • SHA512

      deadc317a9900fe287c178ec7de2a94f5acd114e2201166400c3e582772d2c52a4ce6114ad38afa9206480214ba2f188e09e428184b89e1cd8b58667703d550a

    Score
    1/10
    behavioral27

    • Target

      BM.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral28

    • Target

      BN.json

    • Size

      354B

    • MD5

      8b522fdb425f90b028e40663bb67a09c

    • SHA1

      d95d197ae591ee11dc38f83707317d4a9884bd10

    • SHA256

      f7c2437ae720aaedff2de3c55eb90dcb69bc268a3735a1ae6e87261230ced141

    • SHA512

      b404f3b65f25a5e28eda394295e342df8dc9c4beb4207e6e7aa260dd28478b3b27058fdf55e88971b45ca6f05c653ce4559c5ec0be1255af47ff2e3312bfe0f8

    Score
    1/10
    behavioral29

    • Target

      BO.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral30

    • Target

      BQ.json

    • Size

      221B

    • MD5

      b49eedaac23eda66084aa91435537b70

    • SHA1

      c5b03df851cdb312b5a0e598bdc1dcd3251970cd

    • SHA256

      a98d16cb856d23cbef0a6614722ec0095aa9cc5b304c5f5d63d10d9dde49bd9b

    • SHA512

      1c7edb260a4be45864d4f9a33913979eb3443720b5ac843ec2bc10299fd51f3e530ef5c86ea78415573cf98880162f18e1b16fbfe548acf2317095fbbd276da7

    Score
    1/10
    behavioral31

    • Target

      BR.json

    • Size

      586B

    • MD5

      6c906be88bdbb2316513b88e7a97a077

    • SHA1

      66be9efbba1411305d9af58fa8dac58ecf982c30

    • SHA256

      8577bdc994a1181baa451fcc1664be402c470c32e5710a85ecc2cf84d000f99f

    • SHA512

      e2dba97ffc81e2241bf38ffdcda3eb592db4494543a5b10d2146e203500a39d29c0b77df1332f25fe023715a8971c7fd87b4576035d5ea2727410265e80d13a1

    Score
    1/10
    behavioral32

MITRE ATT&CK Matrix

Tasks