Analysis

  • max time kernel
    2416914s
  • max time network
    267s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    22/12/2023, 05:39

General

  • Target

    app.apk

  • Size

    10.2MB

  • MD5

    bcf0f6585de08ab37afabbab997bf5aa

  • SHA1

    a53189a2c89987dde8079317735131fe06c92995

  • SHA256

    8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459

  • SHA512

    e0299c4a51da71162b558f19d919feb373701c457bd953e67f98b22166da45351a0fb3ab34002270c4c53543914f37ab59604bad9fddb5609b7400dab709aadd

  • SSDEEP

    196608:dj2gf7U9twnkyBGCigPmAetJoiQTgJJE8SFBNv7oZy:7ggkyGCigBucgU8Gf

Malware Config

Extracted

Family

axbanker

C2

https://axiscardapp.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

  • AxBanker

    AxBanker is an Android banking trojan that harvests bank customers' information; it is distributed through fake bank applications.

  • Requests dangerous framework permissions (5 IoCs)

Processes

  • com.lulu.lulubox
    1⤵
      PID:4918

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /data/data/com.lulu.lulubox/files/hook.apk

      Filesize

      4.2MB

      MD5

      1ab23f23499e3fc946541cd04f5b5382

      SHA1

      a7052376c646f8a4380083e25c29722eb10897d4

      SHA256

      79d34afd2d4458237f1338aee696456d5550a96ba72ab679ef25f1b8f9561ea0

      SHA512

      d8207dc2e61f805a2265a403b57a639a7d5771ea07d8c504bec8422951ec2fbedf2a87561acd7f6c5ec66e3e97ccee4165817ad14fc1d5703a1f6b6fc7d56553
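
A static triage helper for the indicators in this report, added here as an example; it is not part of the sandbox output and not the malware's own code. It walks an APK's zip members, flags nested archives or dex files (the dropper tell-tale behind the hook.apk download above), pulls http(s) strings out of dex members and checks the hosts against the two C2 hosts listed under Malware Config, and checks each member's SHA-256 against the sample and payload hashes from the report. To run offline it builds a constructed stand-in APK in memory; the member names inside it (assets/hook.apk, the URL strings in classes.dex) are assumptions about layout, not what the real app.apk contains. Point triage_apk() at the bytes of a real .apk instead.

```python
"""Static APK triage against the IoCs in this report (added example, not report output)."""
import hashlib
import io
import re
import zipfile

# Indicators copied from the report above.
KNOWN_SHA256 = {
    "8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459": "app.apk (submitted sample)",
    "79d34afd2d4458237f1338aee696456d5550a96ba72ab679ef25f1b8f9561ea0": "hook.apk (dropped payload)",
}
KNOWN_C2_HOSTS = {"axiscardapp.in", "newax-d7dc6-default-rtdb.firebaseio.com"}

URL_RE = re.compile(rb"https?://[A-Za-z0-9._\-]+(?:/[A-Za-z0-9._\-/?=&]*)?")
ZIP_MAGIC = b"PK\x03\x04"
DEX_MAGIC = b"dex\n"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def triage_apk(apk_bytes: bytes, prefix: str = "") -> dict:
    """Return embedded payloads, URLs, C2 host hits and known-hash hits for an APK.

    Nested zips are recursed into, so a payload hidden inside assets/ is inspected too.
    """
    result = {"embedded": [], "urls": set(), "c2_hits": set(), "hash_hits": {}}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            name = prefix + info.filename
            data = zf.read(info)
            digest = sha256_hex(data)
            if digest in KNOWN_SHA256:
                result["hash_hits"][name] = KNOWN_SHA256[digest]

            is_zip = data.startswith(ZIP_MAGIC)
            is_dex = data.startswith(DEX_MAGIC)
            # An archive anywhere, or a dex outside the top level, is an embedded payload.
            if is_zip or (is_dex and "/" in info.filename):
                result["embedded"].append((name, len(data), digest))

            if is_dex or info.filename.endswith(".dex"):
                for match in URL_RE.findall(data):
                    url = match.decode("ascii", "replace")
                    result["urls"].add(url)
                    host = url.split("//", 1)[1].split("/", 1)[0]
                    if host in KNOWN_C2_HOSTS:
                        result["c2_hits"].add(host)

            if is_zip:
                try:
                    nested = triage_apk(data, prefix=name + "::")
                except zipfile.BadZipFile:
                    continue  # PK magic but not a readable archive; leave it listed as embedded
                result["urls"] |= nested["urls"]
                result["c2_hits"] |= nested["c2_hits"]
                result["hash_hits"].update(nested["hash_hits"])
                result["embedded"].extend(nested["embedded"])
    return result


def build_sample_apk() -> bytes:
    """Constructed stand-in for app.apk so the example runs offline; not the real sample."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("classes.dex", DEX_MAGIC + b"035\x00" + b"\x00" * 64)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        # Fake dex carrying the two C2 strings from the report as plain ASCII.
        z.writestr(
            "classes.dex",
            DEX_MAGIC + b"035\x00"
            + b"https://axiscardapp.in/api/user/step2\x00"
            + b"https://newax-d7dc6-default-rtdb.firebaseio.com\x00",
        )
        z.writestr("assets/hook.apk", inner.getvalue())  # nested APK, as with the dropped hook.apk
        z.writestr("res/raw/banner.png", b"\x89PNG\r\n\x1a\n")
    return outer.getvalue()


if __name__ == "__main__":
    report = triage_apk(build_sample_apk())
    for name, size, digest in report["embedded"]:
        print(f"embedded payload: {name} ({size} bytes) sha256={digest}")
    print("urls:", sorted(report["urls"]))
    print("C2 hosts matched:", sorted(report["c2_hits"]))
    print("known-hash hits:", report["hash_hits"])
```

On the constructed sample the hash check finds nothing, because the stand-in is not the real file; on the real app.apk the same check should light up on the dropped hook.apk if it ships inside the package rather than being fetched from the Firebase RTDB host. The URL regex only sees plain ASCII strings, so obfuscated or encrypted C2 configs need a decoder step before this check.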