axbanker | ic[.]apk

General

Target

ic.apk
Size

6.1MB
MD5

0a4ff567bc56e56f5ed0881ed72e666b
SHA1

b929a345ae8452d413a73dfee91f8d7450d4d792
SHA256

4588e760ddd211334809fab8845a961f45cbd085918632e9bc3b6ce1a9c69195
SHA512

c75134c64aaaf584cbc48947d79007bbca971079df1bdeacde2a1f765823823f9baf49421fd84ccb3e6c6ad473e689c4a0b418d6fdca5f09dc047ea4e800f095
SSDEEP

98304:Uj3lMNub+XevyeFiAT3XEUM4bxFtjcbZ8k1TNjaoVR3Esrsee:6VDTvyD6HnTbxFS6k1TIoV1e

Score

10^/10

axbanker

Malware Config

Extracted

Family

axbanker

C2

https://icicistoreapo.live/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Signatures

Axbanker family
axbanker

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an instant app to create foreground services.	android.permission.INSTANT_APP_FOREGROUND_SERVICE

Files

ic.apk
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.gameram.gameram

com.gameram.gameram.SplashActivity

Activities

com.gameram.gameram.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INSTANT_APP_FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE

Receivers

com.gameram.gameram.MyReceiver

com.example.autostart.ACTION_IMPLICIT_BROADCAST
com.example.autostart.ACTION_EXPLICIT_BROADCAST
android.provider.Telephony.SMS_RECEIVED

Services

Android Permissions

ic.apk

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INSTANT_APP_FOREGROUND_SERVICE

android.permission.FOREGROUND_SERVICE

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

Sharing

General

Malware Config

Extracted

Signatures

Files

com.gameram.gameram

com.gameram.gameram.SplashActivity

Activities

com.gameram.gameram.SplashActivity

Permissions

Receivers

com.gameram.gameram.MyReceiver

Services

Android Permissions

ic.apk