axbanker | e0aa0e7933325b4e5d923e1e2f809048bd641307c01d0e8846733f9dc298a5ef | Triage

Sharing

General

Target

5c69e39a507887077cb47262ac5ee506.apk
Size

6.1MB
Sample

250119-qmp49szlhp
MD5

5c69e39a507887077cb47262ac5ee506
SHA1

bc545ed33f630ac714803e100e77f8f075e812de
SHA256

e0aa0e7933325b4e5d923e1e2f809048bd641307c01d0e8846733f9dc298a5ef
SHA512

6d277ad04ff9ff71e42182ccbe671c27b1fa8e08622046c65ee976d3f4183ba468569c0e681dde6ce9c0c44cef4e0db42959e3f8d989db5ba95b95e411db69c8
SSDEEP

98304:y//lm/IpNgLHX03zOLhnDrADpdwT7riFqxbdROGKKQGQJeKudKnjjaoVD3Esrsl:qpng+zOLhDcDnwmExb+K7Q/6Kn6oVu

Score

10^/10

axbanker android banker discovery infostealer

Malware Config

Extracted

Family

axbanker

C2

https://icicxt.in/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  5c69e39a507887077cb47262ac5ee506.apk
- Size
  
  6.1MB
- MD5
  
  5c69e39a507887077cb47262ac5ee506
- SHA1
  
  bc545ed33f630ac714803e100e77f8f075e812de
- SHA256
  
  e0aa0e7933325b4e5d923e1e2f809048bd641307c01d0e8846733f9dc298a5ef
- SHA512
  
  6d277ad04ff9ff71e42182ccbe671c27b1fa8e08622046c65ee976d3f4183ba468569c0e681dde6ce9c0c44cef4e0db42959e3f8d989db5ba95b95e411db69c8
- SSDEEP
  
  98304:y//lm/IpNgLHX03zOLhnDrADpdwT7riFqxbdROGKKQGQJeKudKnjjaoVD3Esrsl:qpng+zOLhDcDnwmExb+K7Q/6Kn6oVu
Score

10^/10

axbanker banker discovery infostealer
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Axbanker family
  axbanker
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerdiscoveryinfostealer

behavioral2