Analysis

  • max time kernel
    2087264s
  • max time network
    152s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    18/12/2023, 10:08

General

  • Target

    ap.apk

  • Size

    9.4MB

  • MD5

    aaf7ad9e94e3d6a974011088bdaa5129

  • SHA1

    7235adcbaab01d1ed8f188fc30ddd7292859863e

  • SHA256

    e1a006f8758618539d5d414262da6559f5896389786026c851bde4a8e4d8c618

  • SHA512

    a9cec017579b2365fcaef18a41defedf21d9dc67ac64d0dd9fac67269f58214361d3cc591c62797a365c71576644cd9e698ccc90364f94481c0ed46f35de59a7

  • SSDEEP

    196608:gF6agaCPa7sUtW5mawKKGeHUp1IhQru6UDmO1YNuGVZ0Oa9t:gSaCwsUtCQ7i1eWiDmOin4Oa9t

Malware Config

Extracted

Family

axbanker

C2

https://dchdn.in/api/user/sms

https://dchdn.in/api/user/step1

Signatures

  • AxBanker

    AxBanker is an Android banking trojan that targets bank customers' information and is distributed through fake bank applications.

  • Requests dangerous framework permissions (4 IoCs)

Processes

  • com.offer.rewardshs
      PID:5050

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /data/data/com.offer.rewardshs/files/hook.apk

      Filesize

      3.9MB

      MD5

      a664a5e2b20fb594287fad61bd86331a

      SHA1

      c4b1050dac229ab3b696a8f6a994b7eff770d8f6

      SHA256

      0358417eba8a06e56907d76ad0a8df321c40f406a3c149aba64f0e089bb3d438

      SHA512

      baa228fb916d39e5ba0c8517179f48652f95b010279273b05764214c6d258d6f95214dcefa57df6e0eb67a330dd9aa5a22600e6567c5516fb40d7f497451797c