General

  • Target

    hdfc-life.apk

  • Size

    27.5MB

  • MD5

    beee1ed2dedb77f45a83dca3ef9e6626

  • SHA1

    6f684f2f6a9baa335f18bf3c2caf150b71e95e32

  • SHA256

    afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc

  • SHA512

    86f03d4f2c6f766ec93d12b0f62b4eaa100e9d708cbf804a22bd71263b1cde747bbc35ae2cec40caf5c396790ce7d9dae4eb5e4c5140db92968c9cea3228111b

  • SSDEEP

    786432:AydtjvnZqH5j9MHlw5JT5Ifjhrk9e/PaIlAE2qSp7D:xvcHO8p5EhOevZ2BZD

Score
10/10

Malware Config

Extracted

Family

axbanker

C2

https://hdfclifeproject-default-rtdb.firebaseio.com

https://lapsclaim.co.in/new/api/user/step1

Signatures

  • Axbanker family
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • hdfc-life.apk
    .apk android

    com.vishakasettle.droper

    com.vishakasettle.droper.MainActivity


  • aa-bb-cc.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity


  • origin.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity


Android Permissions

hdfc-life.apk

Permissions

android.permission.INTERNET

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.QUERY_ALL_PACKAGES

com.vishakasettle.droper.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION