axbanker | 2d31171c47dcc7679f4587acaca4e39ecb6d02a9f985158c0a18546a5770d85b | Triage

Sharing

General

Target

94d0d1fc6e18a3ac5a8ba45d642fccb9.apk
Size

5.4MB
Sample

240812-ttjslstbmd
MD5

94d0d1fc6e18a3ac5a8ba45d642fccb9
SHA1

8083cab1ba561bd7bddaa4faa191ab7e35e97bb4
SHA256

2d31171c47dcc7679f4587acaca4e39ecb6d02a9f985158c0a18546a5770d85b
SHA512

f232887707bc147c6e466f343b104a2344eee9d06c31ae24c5fb6d086ad024e839562ce99925911a010f145ccd7bde789f6b58d27cadd912f7cd6c3bef487f16
SSDEEP

98304:Nud41M2EX7EsrjiZQEqaNufTPX8rF/g2rbBxE/zl2Ji89jH1gTUqFyohMywHGs4c:No41M2EqZQGUwhnrbBuU79T1AUqQoKyW

Score

10^/10

axbanker android banker infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://getliveservise.co.in/api/message.php/

Targets

- Target
  
  94d0d1fc6e18a3ac5a8ba45d642fccb9.apk
- Size
  
  5.4MB
- MD5
  
  94d0d1fc6e18a3ac5a8ba45d642fccb9
- SHA1
  
  8083cab1ba561bd7bddaa4faa191ab7e35e97bb4
- SHA256
  
  2d31171c47dcc7679f4587acaca4e39ecb6d02a9f985158c0a18546a5770d85b
- SHA512
  
  f232887707bc147c6e466f343b104a2344eee9d06c31ae24c5fb6d086ad024e839562ce99925911a010f145ccd7bde789f6b58d27cadd912f7cd6c3bef487f16
- SSDEEP
  
  98304:Nud41M2EX7EsrjiZQEqaNufTPX8rF/g2rbBxE/zl2Ji89jH1gTUqFyohMywHGs4c:No41M2EqZQGUwhnrbBuU79T1AUqQoKyW
Score

10^/10

axbanker banker infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerinfostealerpersistence

behavioral2

behavioral3