axbanker | e014b548d3225a6972ea67218a6ef51d2d36f03050244bb4f2c7201464497857 | Triage

Sharing

General

Target

ee39dd26b83a016f3c3e3b095ff15e88.apk
Size

5.3MB
Sample

240801-n5wzeszaql
MD5

ee39dd26b83a016f3c3e3b095ff15e88
SHA1

a6ec0acddacbc3e339bd0fbaa2d7a92831d95a93
SHA256

e014b548d3225a6972ea67218a6ef51d2d36f03050244bb4f2c7201464497857
SHA512

acd8e82e9d2c4462775a2eef2d3998aebaa1d91c7cc8ccba2e09800e6d9854a8bfa24868cc385577a9591f3a39256de7c3807643b78a3e1f9879c9add4e27a0e
SSDEEP

98304:3X6vH0fpdsCl039pnVVuzpVMAPHS8rf/O+T1LUTk6+Iufpl921ZZR1oTwr5xpiLB:6vH0fpstpnVMVMAPHZhpLMk6LO2dTpg

Score

10^/10

axbanker android discovery persistence

Malware Config

Extracted

Family

axbanker

C2

https://sheet-14c1d-default-rtdb.firebaseio.com

Targets

- Target
  
  ee39dd26b83a016f3c3e3b095ff15e88.apk
- Size
  
  5.3MB
- MD5
  
  ee39dd26b83a016f3c3e3b095ff15e88
- SHA1
  
  a6ec0acddacbc3e339bd0fbaa2d7a92831d95a93
- SHA256
  
  e014b548d3225a6972ea67218a6ef51d2d36f03050244bb4f2c7201464497857
- SHA512
  
  acd8e82e9d2c4462775a2eef2d3998aebaa1d91c7cc8ccba2e09800e6d9854a8bfa24868cc385577a9591f3a39256de7c3807643b78a3e1f9879c9add4e27a0e
- SSDEEP
  
  98304:3X6vH0fpdsCl039pnVVuzpVMAPHS8rf/O+T1LUTk6+Iufpl921ZZR1oTwr5xpiLB:6vH0fpstpnVMVMAPHZhpLMk6LO2dTpg
Score

6^/10

discovery persistence
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

behavioral3