axbanker | 1b21a43d31aea1a47004ef97de8e2bacf9a1a2629c2b47ac5bef80446028d28e

Analysis

max time kernel
126s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
02/02/2025, 11:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bb00255832f54bf47641388c70c7e75a.apk
Size

7.0MB
MD5

bb00255832f54bf47641388c70c7e75a
SHA1

9cf0b0131a0339178a8ef07b2efb9ad9c0670d67
SHA256

1b21a43d31aea1a47004ef97de8e2bacf9a1a2629c2b47ac5bef80446028d28e
SHA512

5e7a80617d27cdc2d1b85432f5d45accab20d6111ef92be99f3ddd2da90129cadb568f2af036ec271a12aa803dac2a0161ff818985edd48aaaaf6cdfb081bc4f
SSDEEP

98304:qAgJmFyqhu3nPLVyk+LgS8/1jERmjy5h7dM9/F4VCXMhHYJ6axaoscbYUM/Kr2aW:6ihu38vsHRER5D5MtKVMooscb7xBW

Score

10^/10

axbanker banker discovery infostealer persistence

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.rewards.icicistore

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.rewards.icicistore

com.rewards.icicistore
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4315

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rewards.icicistore/files/profileInstalled

Filesize
24B

MD5
fc0c8c1544982ba149f0628a9080921e

SHA1
09bf323abf156c575235122e1ec7dc3a98e9b2b4

SHA256
1d10e2ddbfa8632cb0cd0a0cce632f1f6733e75e04de267dee2df0eedb06b8da

SHA512
b2e10ea43bbd30e57ca4ce394765055efc44d4177a661dfc26cf01f1f55b0e5b55328a292f881826d675e52ae18fd3f55f3598541b307bf447459b0868791149

Download Submit
/data/data/com.rewards.icicistore/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
e1f52059dfe3d0c6b6aa084dedf79d07

SHA1
3f77ffdb909d5f437f24367b49307d8e6f4b56ce

SHA256
8935f9a36d610ae425d11066ef790da5a5f9c2a63370554836ef1852d08776c2

SHA512
c4e0cba9da148c7872f2c494c7d3bfd443a05b2be0aadb1bbb15db4e10434f93a1caff3e36720326d68c74636f060225489d197bc96869de53b80437c2627bfd

Download Submit
/data/misc/profiles/cur/0/com.rewards.icicistore/primary.prof

Filesize
2KB

MD5
b07d327123fe8ee55f9be337d19292a2

SHA1
fe192cc70ffde2fedee9654059a6e885da30ad99

SHA256
f3ec694ac59d96395bde6d876cb90c9436fee373f7c52246bfe8d4fc1532b625

SHA512
4e6665cdb9a5ae7c644c2ea4a8fc37cc3de7db7970e5a1fa26a12fc7448911e91b29d912a2d19641d7597fca03c1e7ba0d1e8ea06ceb32b1b5757f1a60ec4bfd

Download Submit
/data/misc/profiles/cur/0/com.rewards.icicistore/primary.prof

Filesize
7KB

MD5
8c52acfb086ec4d11359872de98fad59

SHA1
d4371b05814e4d4db3a0028f691ad32c949ebf7f

SHA256
41d4c82bbbb3c28f3310821ad2ea5c482bc8f524bd6b1a3118ce9894aa30e651

SHA512
c0d26a63d985fefeb92e0edd074384b968f4a445023597cca8fb076074955cf904c93201e82205b632751add37114b1f62aa57f97f4e44dbc9e2def9cdf1805d

Download Submit
/data/misc/profiles/cur/0/com.rewards.icicistore/primary.prof

Filesize
8KB

MD5
bea2c02da9e95d23ff2fa96cca9c7848

SHA1
50fc6f29362e2190c39f24cd7a5c1314c893170d

SHA256
86341915d58e2192bc880d4f7a82ceabfaf4c84e869f5eeb75af87515efdb581

SHA512
247366c1db20ea57ef615bb45540076d4fc349d33cb509d55a5fd78dfbf3f16e12cc291dc95041a84ae5f8a9014135c6e320b5fa78ae258666b5d81aeb0213b3

Download Submit