axbanker | 7d5239a2800c04ba03e0d700fe506b60c89e1312f4bd46275ec4ca687280caf9 | Triage

Sharing

General

Target

2a9cabedd66f5ae92154079d9f5ff792.apk
Size

5.4MB
Sample

240812-tpqqcsshrc
MD5

2a9cabedd66f5ae92154079d9f5ff792
SHA1

9a6ab3347e6c7f783e9fc3423f900ecde89330c4
SHA256

7d5239a2800c04ba03e0d700fe506b60c89e1312f4bd46275ec4ca687280caf9
SHA512

5fb247e7b4ad8d1c538dabe3bd1438550da07107812ec9bdfd95022f8a103c0d9a6313d5e8fdc99ea88659b6dc841881c1c10898b9d13dcda84cfce1694c16ef
SSDEEP

98304:q1DY+AOGVX7EsrjUKUFeedeB3PS51dDXwYhwp51mHLJKmIMD8ZwapJhj:q1E+3gcKUAed4PS51ZwYhwp/uJKmhAwA

Score

10^/10

axbanker android banker infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://getlivepoint.co.in/api/message.php/

https://getlivepoint.co.in/api/signup.php/

Targets

- Target
  
  2a9cabedd66f5ae92154079d9f5ff792.apk
- Size
  
  5.4MB
- MD5
  
  2a9cabedd66f5ae92154079d9f5ff792
- SHA1
  
  9a6ab3347e6c7f783e9fc3423f900ecde89330c4
- SHA256
  
  7d5239a2800c04ba03e0d700fe506b60c89e1312f4bd46275ec4ca687280caf9
- SHA512
  
  5fb247e7b4ad8d1c538dabe3bd1438550da07107812ec9bdfd95022f8a103c0d9a6313d5e8fdc99ea88659b6dc841881c1c10898b9d13dcda84cfce1694c16ef
- SSDEEP
  
  98304:q1DY+AOGVX7EsrjUKUFeedeB3PS51dDXwYhwp51mHLJKmIMD8ZwapJhj:q1E+3gcKUAed4PS51ZwYhwp/uJKmhAwA
Score

10^/10

axbanker banker infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerinfostealerpersistence

behavioral2

behavioral3