axbanker | d7fbc1e2c1eeaf98bfeb664d115dc82b7415ccbf1805902da7f0ef31cd8cb2d4

Analysis

max time kernel
134s
max time network
145s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29/11/2024, 09:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc940641035dd13d692a1926753cf8ca.apk
Size

6.1MB
MD5

bc940641035dd13d692a1926753cf8ca
SHA1

c3a5af64d0fbad4bae256daa3443a52821825bb3
SHA256

d7fbc1e2c1eeaf98bfeb664d115dc82b7415ccbf1805902da7f0ef31cd8cb2d4
SHA512

046433961bec16a098fca6d5af5ba820c43a50187753075e52aba2f1a1a5be5496a3afc53c26599eef7b642f160adf1bef19d6379f819434d734ec71b682d604
SSDEEP

98304:7ju9Cy3aaoVq59w+Gvls8uOz3QS5SdOw+dZABNKaoUP3EsrsKo:7ju9C8aN8nGPgSX/ZABJoUxo

Score

10^/10

axbanker banker discovery infostealer persistence

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.rewards.iciciapp

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.rewards.iciciapp

com.rewards.iciciapp
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4244

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rewards.iciciapp/cache/volley/-4335737051594840139

Filesize
1023B

MD5
498e68fb53f0acfbd79a4a78a8b9a481

SHA1
df7ee53a2374334dec9e8f6f2398437891e021d7

SHA256
2b7103debaabf0f736d1ef3acb4b1a04f697c2cb690ec1b8e4c4591d5a2b2a55

SHA512
2959547adf3376c8556c76e263fe5b77add9e3a71006cc5e80cbb6325d1baec2db70d3c11f366f124eae3127907c7ee90027d143b0d72e23e4e961fd8e4f5001

Download Submit
/data/data/com.rewards.iciciapp/cache/volley/-4335737051594840140

Filesize
1023B

MD5
e9cd4a74f8b418af12ef283ef6cbdea1

SHA1
ba2b661b744540b9ea2d9353f1cd8cf6f51f5b6e

SHA256
87ceb8b00e8b22495803a212fb7eb065216193ce40254989c6863ba227007df8

SHA512
cc224755ea59c9668b7b28e5284d9a491c5d37ea51475a692dad6eea9d6699687ff83d2bf4bfca2a48d035af29eca3bbde9439fae768ede38a1184b2b8898e1c

Download Submit
/data/data/com.rewards.iciciapp/cache/volley/-525012681658743973

Filesize
1KB

MD5
c37ad771683d01c89c8b8d4010aad315

SHA1
36114d04cbea11b5e7ba1068f63e7d2ab0694994

SHA256
d381e9f0d61e479783bc06fdec32d1d8d20be73dd8c697dae25cbd7e940e6596

SHA512
d466829f5d193ae298c0669e52a87e6a884ab9b26c62d4f1c9a9754062fdd034a4a7051b7ba83698045050326cd79e191b12790a59165ca18535b580dd73cc26

Download Submit