axbanker | c2b6bb2e7b6732ba753f3d17ec71adf1f06c9d4cea65e4debc312bf0163d68b6 | Triage

Sharing

General

Target

b6d18262f5e296cf9c5a8595d0d7c619.apk
Size

5.3MB
Sample

240626-stzndszgqg
MD5

b6d18262f5e296cf9c5a8595d0d7c619
SHA1

e09d7657ac3bc28334c1e13e7d85e79fc8cc3b5f
SHA256

c2b6bb2e7b6732ba753f3d17ec71adf1f06c9d4cea65e4debc312bf0163d68b6
SHA512

02b33fea324694b38149abb4881e56b8221dc40d2356a75aa37d1f5515a0196fe681d275d7635e08ee5d6d8fa458e8a286dceaceb878112ed3db4b7fda4728a8
SSDEEP

98304:vX6vH0fpdsCl039pnVVuzpVMAPHS8rf/O+T1LUXk2fWgyn9RR2QzHPVoTwr5xpif:CvH0fpstpnVMVMAPHZhpLwk2fvK24Npi

Score

10^/10

axbanker android collection credential_access discovery impact persistence

Malware Config

Extracted

Family

axbanker

C2

https://sheet-14c1d-default-rtdb.firebaseio.com

Targets

- Target
  
  b6d18262f5e296cf9c5a8595d0d7c619.apk
- Size
  
  5.3MB
- MD5
  
  b6d18262f5e296cf9c5a8595d0d7c619
- SHA1
  
  e09d7657ac3bc28334c1e13e7d85e79fc8cc3b5f
- SHA256
  
  c2b6bb2e7b6732ba753f3d17ec71adf1f06c9d4cea65e4debc312bf0163d68b6
- SHA512
  
  02b33fea324694b38149abb4881e56b8221dc40d2356a75aa37d1f5515a0196fe681d275d7635e08ee5d6d8fa458e8a286dceaceb878112ed3db4b7fda4728a8
- SSDEEP
  
  98304:vX6vH0fpdsCl039pnVVuzpVMAPHS8rf/O+T1LUXk2fWgyn9RR2QzHPVoTwr5xpif:CvH0fpstpnVMVMAPHZhpLwk2fvK24Npi
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3