axbanker | hook[.]apk

General

Target

hook.apk
Size

6.7MB
MD5

a4eb75e9d17c4bf2564056d70ddc6a88
SHA1

b1de62baa6d5d35ffcc70284a50034569a7f3f5b
SHA256

2fe8593baa8fb8f53a48783d1c2fc77c2187e936789fe63b01a5bd53961da473
SHA512

5c192eec3b12bbfbfe81d440e62bdd2e76ce1327bda078592d4ea38626c6230803153a1e8c8b36b72057c81371c7ab9f23f1c79a0472ed26bf7dc1bae8cc631d
SSDEEP

98304:QitRUKeMtfuSU9twnkHSBGvaipu1Ob7ArmAet70aotmT0rT53Esrsn:3j2gf7U9twnkyBGCigPmAetJoiQT2

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

C2

https://axiscardapp.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an instant app to create foreground services.	android.permission.INSTANT_APP_FOREGROUND_SERVICE
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

hook.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS

Receivers

com.lulu.lulubox.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services

Android Permissions

hook.apk

Permissions

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SEND_SMS

Sharing

General

Malware Config

Extracted

Signatures

Files

com.lulu.lulubox

com.lulu.lulubox.SplashActivity

Activities

com.lulu.lulubox.SplashActivity

Permissions

Receivers

com.lulu.lulubox.MyReceiver

Services

Android Permissions

hook.apk