axbanker | add6150ac7379b57ac72d97afeb75c7d[.]apk

General

Target

add6150ac7379b57ac72d97afeb75c7d.apk
Size

14.8MB
MD5

add6150ac7379b57ac72d97afeb75c7d
SHA1

885db03db68a51c10ad45e3fbcdeed9251918957
SHA256

0f20b4a9207324ab17c8935cbff4d86e5912e058d1e0caced636427a8696ab45
SHA512

404d141bde662daa0c20d83baa517122b9a987f9a95c02f8f0be8320a3c3ed8c1fe58dd8923cdaa5903b373e267c25bb2e82188718e1040dd491c15c65cb6a17
SSDEEP

393216:GiT2xVikSMGYOpmD98dLKKtborzTN5sPi:VKxU6Op1ZEz7

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

C2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an instant app to create foreground services.	android.permission.INSTANT_APP_FOREGROUND_SERVICE

Files

add6150ac7379b57ac72d97afeb75c7d.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.playrix.donow

com.playrix.donow.SplashActivity

Activities

com.playrix.donow.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
com.playrix.donow.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.playrix.donow.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

androidx.profileinstaller.ProfileInstallReceiver

androidx.profileinstaller.action.INSTALL_PROFILE
androidx.profileinstaller.action.SKIP_FILE
androidx.profileinstaller.action.SAVE_PROFILE
androidx.profileinstaller.action.BENCHMARK_OPERATION

Services

Android Permissions

add6150ac7379b57ac72d97afeb75c7d.apk

Permissions

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

com.playrix.donow.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Extracted

Signatures

Files

com.playrix.donow

com.playrix.donow.SplashActivity

Activities

com.playrix.donow.SplashActivity

Permissions

Receivers

com.playrix.donow.MyReceiver

androidx.profileinstaller.ProfileInstallReceiver

Services

Android Permissions

add6150ac7379b57ac72d97afeb75c7d.apk