axbanker | 614db3e6c162bf9adfb3452622764b229b53538577b5b1cc1c2e11e993a6568d | Triage

Sharing

General

Target

cba7f0629e45f2110cdd03c5f3c071e6.apk
Size

5.4MB
Sample

240812-trbdfsyfpm
MD5

cba7f0629e45f2110cdd03c5f3c071e6
SHA1

aa4641a85fa5bec7073b649658ab5d963d3f53af
SHA256

614db3e6c162bf9adfb3452622764b229b53538577b5b1cc1c2e11e993a6568d
SHA512

d2b1ce518a46012c0d161bdb0a4fe3fecd8e79e29d476b8622c95bcc6f055e5c93978eb625d300b891ce1774f48c52e6d94c40d23d1806ca98b2e39001e53b91
SSDEEP

98304:zod41M2PX7EsrjiYmxPoPSecXKeg0wLszIt8+JEAXb44/MKyQCpFRPTEbHXjJZo8:z+41M2PqYV94K106UA9JzbjRyRZTQdZZ

Score

10^/10

axbanker android banker infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://pointwinoffer.co.in/api/message.php/

Targets

- Target
  
  cba7f0629e45f2110cdd03c5f3c071e6.apk
- Size
  
  5.4MB
- MD5
  
  cba7f0629e45f2110cdd03c5f3c071e6
- SHA1
  
  aa4641a85fa5bec7073b649658ab5d963d3f53af
- SHA256
  
  614db3e6c162bf9adfb3452622764b229b53538577b5b1cc1c2e11e993a6568d
- SHA512
  
  d2b1ce518a46012c0d161bdb0a4fe3fecd8e79e29d476b8622c95bcc6f055e5c93978eb625d300b891ce1774f48c52e6d94c40d23d1806ca98b2e39001e53b91
- SSDEEP
  
  98304:zod41M2PX7EsrjiYmxPoPSecXKeg0wLszIt8+JEAXb44/MKyQCpFRPTEbHXjJZo8:z+41M2PqYV94K106UA9JzbjRyRZTQdZZ
Score

10^/10

axbanker banker infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerinfostealerpersistence

behavioral2

behavioral3