axbanker | 4588e760ddd211334809fab8845a961f45cbd085918632e9bc3b6ce1a9c69195 | Triage

Sharing

General

Target

ic.apk
Size

6.1MB
Sample

241230-jpmzcstmck
MD5

0a4ff567bc56e56f5ed0881ed72e666b
SHA1

b929a345ae8452d413a73dfee91f8d7450d4d792
SHA256

4588e760ddd211334809fab8845a961f45cbd085918632e9bc3b6ce1a9c69195
SHA512

c75134c64aaaf584cbc48947d79007bbca971079df1bdeacde2a1f765823823f9baf49421fd84ccb3e6c6ad473e689c4a0b418d6fdca5f09dc047ea4e800f095
SSDEEP

98304:Uj3lMNub+XevyeFiAT3XEUM4bxFtjcbZ8k1TNjaoVR3Esrsee:6VDTvyD6HnTbxFS6k1TIoV1e

Score

10^/10

axbanker android banker discovery infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://icicistoreapo.live/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  ic.apk
- Size
  
  6.1MB
- MD5
  
  0a4ff567bc56e56f5ed0881ed72e666b
- SHA1
  
  b929a345ae8452d413a73dfee91f8d7450d4d792
- SHA256
  
  4588e760ddd211334809fab8845a961f45cbd085918632e9bc3b6ce1a9c69195
- SHA512
  
  c75134c64aaaf584cbc48947d79007bbca971079df1bdeacde2a1f765823823f9baf49421fd84ccb3e6c6ad473e689c4a0b418d6fdca5f09dc047ea4e800f095
- SSDEEP
  
  98304:Uj3lMNub+XevyeFiAT3XEUM4bxFtjcbZ8k1TNjaoVR3Esrsee:6VDTvyD6HnTbxFS6k1TIoV1e
Score

10^/10

axbanker banker discovery infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Axbanker family
  axbanker
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerdiscoveryinfostealerpersistence

behavioral2