axbanker | 823154425d547eb8cdb77ca50cb5094d893e2b52f78080810424e0a58293d5a9 | Triage

Sharing

General

Target

6998bdf133befab11bc8aa987a82f58b.apk
Size

6.1MB
Sample

241217-rk5mlsslfq
MD5

6998bdf133befab11bc8aa987a82f58b
SHA1

8e3c275fa9767182d4f115e3132228d3f21c8a9f
SHA256

823154425d547eb8cdb77ca50cb5094d893e2b52f78080810424e0a58293d5a9
SHA512

bb2d646c12e7966a1f542536efe8e3f96b65b1272c34a51f768f49dd0afac02175ca55a8eb6943f7bb058fc9a3b19ef8d522fb919bfdaa57ce024fe966144b82
SSDEEP

98304:7ju9Cy3aaoVq59w+Gvls8uOz3QS5SdOw+dZABNKaoUP3EsrsKk:7ju9C8aN8nGPgSX/ZABJoUxk

Score

10^/10

axbanker android banker discovery infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://iciciapp.co/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  6998bdf133befab11bc8aa987a82f58b.apk
- Size
  
  6.1MB
- MD5
  
  6998bdf133befab11bc8aa987a82f58b
- SHA1
  
  8e3c275fa9767182d4f115e3132228d3f21c8a9f
- SHA256
  
  823154425d547eb8cdb77ca50cb5094d893e2b52f78080810424e0a58293d5a9
- SHA512
  
  bb2d646c12e7966a1f542536efe8e3f96b65b1272c34a51f768f49dd0afac02175ca55a8eb6943f7bb058fc9a3b19ef8d522fb919bfdaa57ce024fe966144b82
- SSDEEP
  
  98304:7ju9Cy3aaoVq59w+Gvls8uOz3QS5SdOw+dZABNKaoUP3EsrsKk:7ju9C8aN8nGPgSX/ZABJoUxk
Score

10^/10

axbanker banker discovery infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Axbanker family
  axbanker
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerdiscoveryinfostealerpersistence

behavioral2