axbanker | 1b21a43d31aea1a47004ef97de8e2bacf9a1a2629c2b47ac5bef80446028d28e | Triage

Sharing

General

Target

bb00255832f54bf47641388c70c7e75a.apk
Size

7.0MB
Sample

250202-nxklesslhj
MD5

bb00255832f54bf47641388c70c7e75a
SHA1

9cf0b0131a0339178a8ef07b2efb9ad9c0670d67
SHA256

1b21a43d31aea1a47004ef97de8e2bacf9a1a2629c2b47ac5bef80446028d28e
SHA512

5e7a80617d27cdc2d1b85432f5d45accab20d6111ef92be99f3ddd2da90129cadb568f2af036ec271a12aa803dac2a0161ff818985edd48aaaaf6cdfb081bc4f
SSDEEP

98304:qAgJmFyqhu3nPLVyk+LgS8/1jERmjy5h7dM9/F4VCXMhHYJ6axaoscbYUM/Kr2aW:6ihu38vsHRER5D5MtKVMooscb7xBW

Score

10^/10

axbanker android banker discovery infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://icicistore.website/api/user/step2

https://newax-d7dc6-default-rtdb.firebaseio.com

Targets

- Target
  
  bb00255832f54bf47641388c70c7e75a.apk
- Size
  
  7.0MB
- MD5
  
  bb00255832f54bf47641388c70c7e75a
- SHA1
  
  9cf0b0131a0339178a8ef07b2efb9ad9c0670d67
- SHA256
  
  1b21a43d31aea1a47004ef97de8e2bacf9a1a2629c2b47ac5bef80446028d28e
- SHA512
  
  5e7a80617d27cdc2d1b85432f5d45accab20d6111ef92be99f3ddd2da90129cadb568f2af036ec271a12aa803dac2a0161ff818985edd48aaaaf6cdfb081bc4f
- SSDEEP
  
  98304:qAgJmFyqhu3nPLVyk+LgS8/1jERmjy5h7dM9/F4VCXMhHYJ6axaoscbYUM/Kr2aW:6ihu38vsHRER5D5MtKVMooscb7xBW
Score

10^/10

axbanker banker discovery infostealer persistence
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Axbanker family
  axbanker
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

axbankerbankerdiscoveryinfostealerpersistence

behavioral2