axbanker | e1a006f8758618539d5d414262da6559f5896389786026c851bde4a8e4d8c618 | Triage

Sharing

General

Target

ap.apk
Size

9.4MB
Sample

231218-l6caasbeb2
MD5

aaf7ad9e94e3d6a974011088bdaa5129
SHA1

7235adcbaab01d1ed8f188fc30ddd7292859863e
SHA256

e1a006f8758618539d5d414262da6559f5896389786026c851bde4a8e4d8c618
SHA512

a9cec017579b2365fcaef18a41defedf21d9dc67ac64d0dd9fac67269f58214361d3cc591c62797a365c71576644cd9e698ccc90364f94481c0ed46f35de59a7
SSDEEP

196608:gF6agaCPa7sUtW5mawKKGeHUp1IhQru6UDmO1YNuGVZ0Oa9t:gSaCwsUtCQ7i1eWiDmOin4Oa9t

Score

10^/10

axbanker android banker infostealer

Malware Config

Extracted

Family

axbanker

C2

https://dchdn.in/api/user/sms

https://dchdn.in/api/user/step1

Targets

- Target
  
  ap.apk
- Size
  
  9.4MB
- MD5
  
  aaf7ad9e94e3d6a974011088bdaa5129
- SHA1
  
  7235adcbaab01d1ed8f188fc30ddd7292859863e
- SHA256
  
  e1a006f8758618539d5d414262da6559f5896389786026c851bde4a8e4d8c618
- SHA512
  
  a9cec017579b2365fcaef18a41defedf21d9dc67ac64d0dd9fac67269f58214361d3cc591c62797a365c71576644cd9e698ccc90364f94481c0ed46f35de59a7
- SSDEEP
  
  196608:gF6agaCPa7sUtW5mawKKGeHUp1IhQru6UDmO1YNuGVZ0Oa9t:gSaCwsUtCQ7i1eWiDmOin4Oa9t
Score

10^/10

axbanker banker infostealer
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Requests dangerous framework permissions
behavioral1
- Target
  
  hook.apk
- Size
  
  3.9MB
- MD5
  
  a664a5e2b20fb594287fad61bd86331a
- SHA1
  
  c4b1050dac229ab3b696a8f6a994b7eff770d8f6
- SHA256
  
  0358417eba8a06e56907d76ad0a8df321c40f406a3c149aba64f0e089bb3d438
- SHA512
  
  baa228fb916d39e5ba0c8517179f48652f95b010279273b05764214c6d258d6f95214dcefa57df6e0eb67a330dd9aa5a22600e6567c5516fb40d7f497451797c
- SSDEEP
  
  98304:uNqWXYNNpVvB5sv9aTKju7YgowjeCAVOVOPlmqG9ov4nVHXWiHq:uNqSYNNpNs1aTUjewW4lmb9owV3y
Score

1^/10
behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

axbankerbankerinfostealer

behavioral2