Overview

overview

10

Static

static

10

11a13eaa93...b3.apk

android-9-x86

7

11a13eaa93...b3.apk

android-10-x64

7

11a13eaa93...b3.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11a13eaa935d225ae0192481e71c1d5c8594cf4a21e65ff2ca48202eb0eadbb3.bin

  • Size

    4.3MB

  • Sample

    240501-1xy52ahb2t

  • MD5

    32bd4b5e8069a08e99436b3aeff93f00

  • SHA1

    64d54aa959938e19754c3a72e70e52f0f856e19e

  • SHA256

    11a13eaa935d225ae0192481e71c1d5c8594cf4a21e65ff2ca48202eb0eadbb3

  • SHA512

    cfa5987b76eed6dcd7106b9d99983623092e72e60d045c99880733efc8693dfec5e9d13212025dfc7d15f44fbfb6c31066f411eb5bedc0823d005a8c653d868f

  • SSDEEP

    98304:Q3jol75GJv/GfncYwEGW8DzA7aslBdKqht1CdR5A29GYd9:QMl9GJHEUE0zk3BdKEtIP5A2hr

Score
10/10
axbankerandroidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Extracted

Family

axbanker

C2

https://icotot-81e9f-default-rtdb.firebaseio.com

Targets

    • Target

      11a13eaa935d225ae0192481e71c1d5c8594cf4a21e65ff2ca48202eb0eadbb3.bin

    • Size

      4.3MB

    • MD5

      32bd4b5e8069a08e99436b3aeff93f00

    • SHA1

      64d54aa959938e19754c3a72e70e52f0f856e19e

    • SHA256

      11a13eaa935d225ae0192481e71c1d5c8594cf4a21e65ff2ca48202eb0eadbb3

    • SHA512

      cfa5987b76eed6dcd7106b9d99983623092e72e60d045c99880733efc8693dfec5e9d13212025dfc7d15f44fbfb6c31066f411eb5bedc0823d005a8c653d868f

    • SSDEEP

      98304:Q3jol75GJv/GfncYwEGW8DzA7aslBdKqht1CdR5A29GYd9:QMl9GJHEUE0zk3BdKEtIP5A2hr

    Score
    7/10
    discoveryevasionpersistencecollectioncredential_accessimpact

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks the presence of a debugger

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks