axbanker | app[.]apk

General

Target

app.apk
Size

10.2MB
MD5

bcf0f6585de08ab37afabbab997bf5aa
SHA1

a53189a2c89987dde8079317735131fe06c92995
SHA256

8d9eb1b246657eed81f192565103bfdfba395bb52d838f95038552e589c99459
SHA512

e0299c4a51da71162b558f19d919feb373701c457bd953e67f98b22166da45351a0fb3ab34002270c4c53543914f37ab59604bad9fddb5609b7400dab709aadd
SSDEEP

196608:dj2gf7U9twnkyBGCigPmAetJoiQTgJJE8SFBNv7oZy:7ggkyGCigBucgU8Gf

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

C2

https://axiscardapp.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an instant app to create foreground services.	android.permission.INSTANT_APP_FOREGROUND_SERVICE
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

app.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS

Receivers

com.lulu.lulubox.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services
hook.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS

Receivers

com.lulu.lulubox.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services

Android Permissions

app.apk

Permissions

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SEND_SMS

Sharing

General

Malware Config

Extracted

Signatures

Files

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

Permissions

Receivers

com.lulu.lulubox.MyReceiver

Services

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

Permissions

Receivers

com.lulu.lulubox.MyReceiver

Services

Android Permissions

app.apk