axbanker | app1[.]apk

Sharing

Copy URL

Twitter E-mail

General

Target

app1.apk
Size

10.0MB
MD5

aa9123b81701d3df7af7a626fc6ce8af
SHA1

25c7b39411cc4294a07d740344f0c6df3b7a6ddf
SHA256

78986663305100a5a4c3ec972d337303cb7162deea3a19b367c6dcbc9d88d5ad
SHA512

cd42c6332a60d767610fc0ddf5faec327dfff8b271faba38b489f93fa9dc6422485b5408397a6c828dc7ea361fbc9f91a15fa0f9debe7110c0962bad695592b8
SSDEEP

196608:YlvpyVOLMeA/jvUr5ElRoBqpc51Aw9hEgTP:mpyaMeYzcOMegTP

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

https://icicistore.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

app1.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS

Receivers

com.lulu.lulubox.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services
baseline.prof
baseline.profm
hook.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS

Receivers

com.lulu.lulubox.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services
baseline.prof
baseline.profm

Android Permissions

app1.apk

Permissions

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SEND_SMS

Sharing

General

Malware Config

Extracted

Signatures

Files

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

Permissions

Receivers

com.lulu.lulubox.MyReceiver

Services

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

Permissions

Receivers

com.lulu.lulubox.MyReceiver

Services

Android Permissions

app1.apk