axbanker | 3ca99c5ad6972692c48572125143958b57f164d9400b55901c335e4d5d49b416

Analysis

max time kernel
68s
max time network
64s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
13/02/2025, 13:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

7.0MB
MD5

eaf4bf36073ced5c5b7a59c5bd14ea1a
SHA1

6bd84f56189e80a6b89624d6205f93a0c47bfe01
SHA256

792e80d10dbbb86057e03f6cfc4822aac4705a40e66e3ff6f619924e60eb7f79
SHA512

c9bda56996babc0fbf198b11e2a148e9c14b8bb7119a78c44136b21bb3dd51c2965b10e9bad02daee34f8a351ac8a5f800a060ea6d8b00f7227a9a623bcf8f06
SSDEEP

98304:6+EGlPenzB7TaFMjCj9Ooj2nAwUHfTEIi14i6UHRoEALQjaolMhM/KrNgIH:fE3zBqbOo5wSfIIieF6RoEALjolMqy

Score

10^/10

axbanker banker discovery infostealer

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.nekki.vector

com.nekki.vector
1⤵
- Queries information about active data network
PID:4462

com.nekki.vector:my_process
1⤵
PID:4509

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nekki.vector/files/profileInstalled

Filesize
24B

MD5
6143026f867501ac1ff6ed5a227e49e3

SHA1
109f3d7fc3d93900153df1d9cb5c7c6bb8f398ac

SHA256
e5314bd12d4bca7a37a0de7f7ecf805b5da2bf6b9d18e6b17eb2f04418b3b23b

SHA512
cc7550df58cac40c995f071a9cf129b4248c34668cbb0d1d146b276d7bdb9ab23e9dcdbf530eeef8325e67bb43fd3fdf0be2254fd633562cb4ac04cefe52a48e

Download Submit
/data/data/com.nekki.vector/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
7f536b156a8b76354324ebaed61da3f1

SHA1
1c2af31133eef524d1e469ecdbc7450105f2571b

SHA256
4feb79c1ccfa8fe84ed1fe1502e0d1498305e80373792ec14e45e785a5119a4f

SHA512
030f01a7c3a91a5b02f39bbef696924aeb07414a87d1d71b1536f1ae418784543d6128c22146035a8fa4dbf66c35d172292087a8dac567a01a686f060bf81d9d

Download Submit
/data/data/com.nekki.vector/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.nekki.vector/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
c55cc81cf4dbc5af7dbd6b2cc55e76b4

SHA1
9448ff167ee6073a96a338ff0f5c0533f3cd7211

SHA256
aae91eba798304bbd182321972c95cdabacd31c330745bec498a88f0666025bd

SHA512
48b897866df1fd2c1497b7bae534611e7fec45d41701b5e602c6647a7df967e11c63a12480f1270623dc9fbdc6821394b1e7dbe2addfbe89ae4cf51c39b6fb45

Download Submit
/data/data/com.nekki.vector/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.nekki.vector/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
a24197b76ac689d3b012e5ab2ea8a715

SHA1
00034d02800d121f15d7ee260e5960514180719b

SHA256
1a345b2081663ae28d600013b6ce7601ca06cb870292aa7d51cebffe2df30058

SHA512
bb7bca369e35bb1b92f979b95b009036f7c4288221fafc4271da69d2072cbc6280e22727bea875a59aae0b85a6afb531f94522d6a38ec599c0e94aeaaf7feb33

Download Submit
/data/data/com.nekki.vector/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
11e460187238e620312a7329e89e127b

SHA1
5b49b4721f79908f358af20aad2566f65d3b625d

SHA256
ff9fe6f949ba6b8fe579ae6dd53bce4ddcef090a1b363b3c17cb2b6e4a668dce

SHA512
d4dfe3ebba51b96e20c96fd4bdcf91ac914e19662f2dbaebbc31307fc7cfe78e29b4418145c07cb4b61bcbd6ef37c35b5301806e8f33a3c45b72b022428b2183

Download Submit
/data/misc/profiles/cur/0/com.nekki.vector/primary.prof

Filesize
2KB

MD5
46fe1216f7905e917ee81009c121cd07

SHA1
34db5745a9941a367140bc3c662fc3fc30b1bfd0

SHA256
e0674854adc67dce8f21c4e83b01a8fc431ce063ee8e4a06d5ba7fdd9fb921f4

SHA512
19a18b728c88acb01ad39450602f43523f63066b71c6d369073cb803f7b2dea76accb8125870001f40274d12b4fd79969820a81a59f90d701eadf809a92644c4

Download Submit
/data/misc/profiles/cur/0/com.nekki.vector/primary.prof

Filesize
7KB

MD5
19e582ebd2a9bed4b0bc27ddc060dfe9

SHA1
fa2f554bef370b7a997c4c366cbed462be354af7

SHA256
dd87927b008002726f9cacaa29c3c9d460eff63dd2192d3614ed314e41e49837

SHA512
16e30433dc4a4f03304d324f72a21794abfebae085709dedd774a223617bd1db4257e8d255439d786be6328f66c2670e3c0047b195283bfb976efc7f54151f72

Download Submit