axbanker | 8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459 | Triage

Sharing

General

Target

app.apk
Size

10.2MB
Sample

231222-gcsyqshgcm
MD5

bcf0f6585de08ab37afabbab997bf5aa
SHA1

a53189a2c89987dde8079317735131fe06c92995
SHA256

8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459
SHA512

e0299c4a51da71162b558f19d919feb373701c457bd953e67f98b22166da45351a0fb3ab34002270c4c53543914f37ab59604bad9fddb5609b7400dab709aadd
SSDEEP

196608:dj2gf7U9twnkyBGCigPmAetJoiQTgJJE8SFBNv7oZy:7ggkyGCigBucgU8Gf

Score

10^/10

axbanker android banker infostealer

Malware Config

Extracted

Family

axbanker

C2

https://axiscardapp.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  app.apk
- Size
  
  10.2MB
- MD5
  
  bcf0f6585de08ab37afabbab997bf5aa
- SHA1
  
  a53189a2c89987dde8079317735131fe06c92995
- SHA256
  
  8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459
- SHA512
  
  e0299c4a51da71162b558f19d919feb373701c457bd953e67f98b22166da45351a0fb3ab34002270c4c53543914f37ab59604bad9fddb5609b7400dab709aadd
- SSDEEP
  
  196608:dj2gf7U9twnkyBGCigPmAetJoiQTgJJE8SFBNv7oZy:7ggkyGCigBucgU8Gf
Score

10^/10

axbanker banker infostealer
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Requests dangerous framework permissions
behavioral1
- Target
  
  hook.apk
- Size
  
  6.7MB
- MD5
  
  a4eb75e9d17c4bf2564056d70ddc6a88
- SHA1
  
  b1de62baa6d5d35ffcc70284a50034569a7f3f5b
- SHA256
  
  2fe8593baa8fb8f53a48783d1c2fc77c2187e936789fe63b01a5bd53961da473
- SHA512
  
  5c192eec3b12bbfbfe81d440e62bdd2e76ce1327bda078592d4ea38626c6230803153a1e8c8b36b72057c81371c7ab9f23f1c79a0472ed26bf7dc1bae8cc631d
- SSDEEP
  
  98304:QitRUKeMtfuSU9twnkHSBGvaipu1Ob7ArmAet70aotmT0rT53Esrsn:3j2gf7U9twnkyBGCigPmAetJoiQT2
Score

1^/10
behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

axbankerbankerinfostealer

behavioral2