axbanker | 1eb8a431cce2d2a600f652067fe8d2e4a5df57f340e99cbd4aab38ef138571e2

Resubmissions

28/06/2024, 12:34

240628-pr7z7szcka 10

27/06/2024, 15:01

240627-sdwxkawgla 10

Analysis

max time kernel
102s
max time network
111s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27/06/2024, 15:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9a35498a63f6fcc8586618770c54a037.apk
Size

4.7MB
MD5

9a35498a63f6fcc8586618770c54a037
SHA1

048bf703e9bde232090ab25915eb38fb2e45a3b9
SHA256

1eb8a431cce2d2a600f652067fe8d2e4a5df57f340e99cbd4aab38ef138571e2
SHA512

6e7426f4970cd9ea7ea5bb986436282e0e05807d71ac29807d6e5599b6ff7e31337b12b185f185305dd31fc2d3a8b1f91af00eba41041bd6f0d7c9e74e0301f2
SSDEEP

98304:hTxB7YOCZc8EHeectu6XO2kuoQNm7qsuqhQIxOCJMXNv2e7i0r+k5Ks9wD:V7QEHeZ+IoQbKjJMdR5Ks98

Score

10^/10

axbanker banker infostealer persistence

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mxtjech.videoplayers

com.mxtjech.videoplayers
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4969

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads