General

  • Target

    21478550451.zip

  • Size

    26.6MB

  • MD5

    d74c9ad8d581ed45d277c25869da5d9b

  • SHA1

    67b50f320970c4877b16bab61b1d39d80c763e08

  • SHA256

    16a1157a52d06932ce0f7af9c8725ed8a549aa2ed28edf04650c076608b6bb29

  • SHA512

    fb7f585187ab76665e1ba80725a4e383d6d9083924bedf42a8105b88cb861737e26473277128e80c9de37558d5a04a76d911c0fffdb5a60824146135ba9cbed9

  • SSDEEP

    786432:MYOKQ5AwStB7XME9oIyFZrNZ5P1M0phfyPG:LOKQGtBSZd2u

Score
10/10

Malware Config

Extracted

Family

axbanker

C2

https://hdfclifeproject-default-rtdb.firebaseio.com

https://lapsclaim.co.in/new/api/user/step1

Signatures

  • Axbanker family
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • 21478550451.zip
    .zip

    Password: infected

  • afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc
    .apk android

    com.vishakasettle.droper

    com.vishakasettle.droper.MainActivity
  • aa-bb-cc.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity
  • origin.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity