com.nekki.vector.SplashActivity
android.intent.action.MAIN
General
-
Target
485fab3ac27b6fd3ca570c7732bf31f1.apk
-
Size
7.0MB
-
MD5
485fab3ac27b6fd3ca570c7732bf31f1
-
SHA1
22d587aa9ddb607d7491af1caaaa52788e53b455
-
SHA256
9dd601fca2436a82a61453216060c0e0b0e4e8fd6c134ddc5d70db70c214f254
-
SHA512
3aa4bcff7cb046b36faae0eb26d9e6f5660dc42557f6b62ee1c89cdbc577bc18baeb6ba0551a8f810253b5943b7eecf7251d5b217061bbf54267f4339f8ea936
-
SSDEEP
196608:sB72QXdCqiiHp8pxGqvTyAGIieF6RoE4LLolMqq:U7xdCqhHp3qvTyOieF6K1L0Mn
Score
10/10
Malware Config
Extracted
Family
axbanker
C2
https://icappstore.co.in/index.php/api/user/step3
https://newax-d7dc6-default-rtdb.firebaseio.com
Signatures
-
Axbanker family
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 7 IoCs
Files
-
485fab3ac27b6fd3ca570c7732bf31f1.apk
com.nekki.vector
com.nekki.vector.SplashActivity
Android Permissions
485fab3ac27b6fd3ca570c7732bf31f1.apk
Permissions
android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.MODIFY_PHONE_STATE
android.permission.MODIFY_PHONE_STATE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE
android.permission.INTERNET
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.WRITE_SECURE_SETTINGS
android.permission.USE_FINGERPRINT
android.permission.BIND_ACCESSIBILITY_SERVICE
com.nekki.vector.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION