axbanker | 7774c84de0f094b254ec867c0015ea0a906f10239ea213ceff9b6aacb55f689b | Triage

Sharing

General

Target

Unconfirmed 985028.crdownload
Size

7.4MB
Sample

241104-e1fbfatdjg
MD5

6afaae1b22d81c415ae596706e1d92d6
SHA1

f83c7b0acb4db88440f88defae3dd35867839aaa
SHA256

7774c84de0f094b254ec867c0015ea0a906f10239ea213ceff9b6aacb55f689b
SHA512

e70e44eb9a9646aed4e7b1c0b8277b956c9211c9e2cad57633f1697bce1816ec7c20ef67736377e0c26e2eb401e48748a76d97c852eadf3a1986d3f6d51adbfb
SSDEEP

196608:TlYiXXzC/o++i1MtuNsa6KdLv5Go2cblu4:TrOo+Wt2sapdLv5scbw4

Score

10^/10

axbanker android discovery evasion persistence

Malware Config

Extracted

Family

axbanker

C2

https://getmyreward.co.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  Unconfirmed 985028.crdownload
- Size
  
  7.4MB
- MD5
  
  6afaae1b22d81c415ae596706e1d92d6
- SHA1
  
  f83c7b0acb4db88440f88defae3dd35867839aaa
- SHA256
  
  7774c84de0f094b254ec867c0015ea0a906f10239ea213ceff9b6aacb55f689b
- SHA512
  
  e70e44eb9a9646aed4e7b1c0b8277b956c9211c9e2cad57633f1697bce1816ec7c20ef67736377e0c26e2eb401e48748a76d97c852eadf3a1986d3f6d51adbfb
- SSDEEP
  
  196608:TlYiXXzC/o++i1MtuNsa6KdLv5Go2cblu4:TrOo+Wt2sapdLv5scbw4
Score

6^/10

discovery evasion persistence
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

evasionpersistence