axbanker | 71c8d909f8045ac13feffdcc29f58ed47577e595f89412922e846887fb7976cc | Triage

Sharing

General

Target

3879d752ea8896c2ec215bec35f1ac2c.apk
Size

5.4MB
Sample

240812-tnamrashmb
MD5

3879d752ea8896c2ec215bec35f1ac2c
SHA1

149b357513a94102ebe85ca8e9e33af04bb4219e
SHA256

71c8d909f8045ac13feffdcc29f58ed47577e595f89412922e846887fb7976cc
SHA512

dec13c2d2e60766e3423fd4a8dc925f2d3cbde40f4ce5dbc6e41bdc9dc9cf68e92e316eaf78b8a6cd7a4d10820b3771c2ec25ed619f94a5858ba42d6dfc9fc4b
SSDEEP

98304:b5d41M2zX7EsrjiXS0kdsJA5ckJQ+84ZGEbiw6q4zaxqrjHjSoh5j5PH80RXKM+n:bD41M2zqi0KsJA5m41bbX4EqLphXhKMQ

Score

10^/10

axbanker android banker infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://mainserviseawail.co.in/api/message.php/

Targets

- Target
  
  3879d752ea8896c2ec215bec35f1ac2c.apk
- Size
  
  5.4MB
- MD5
  
  3879d752ea8896c2ec215bec35f1ac2c
- SHA1
  
  149b357513a94102ebe85ca8e9e33af04bb4219e
- SHA256
  
  71c8d909f8045ac13feffdcc29f58ed47577e595f89412922e846887fb7976cc
- SHA512
  
  dec13c2d2e60766e3423fd4a8dc925f2d3cbde40f4ce5dbc6e41bdc9dc9cf68e92e316eaf78b8a6cd7a4d10820b3771c2ec25ed619f94a5858ba42d6dfc9fc4b
- SSDEEP
  
  98304:b5d41M2zX7EsrjiXS0kdsJA5ckJQ+84ZGEbiw6q4zaxqrjHjSoh5j5PH80RXKM+n:bD41M2zqi0KsJA5m41bbX4EqLphXhKMQ
Score

10^/10

axbanker banker infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerinfostealerpersistence

behavioral2

behavioral3