axbanker | 7803edca36272a0dd0db6c92a15d75a7be22d6d0ef211281520f40336d74c925

Analysis

max time kernel
66s
max time network
75s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
21/02/2025, 07:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

7.0MB
MD5

3576766d992b7c33538a39ae246dcdde
SHA1

7141d8f16a509cdcf0c8ad20e0cce321af094cb3
SHA256

aa359e67e5ad3fd36d9487b30fb08d7a47d66dae31edc7c4f32cdb626bc3228f
SHA512

4bdc5acf901e568c5c64d099bc5c2b4d7d9e770e649b1876305b4420f2a0044c3f4c0669306b7eefbdb131dec9c9d865bb34d6194087d6f62c36b5c849fd6965
SSDEEP

196608:LfL/hEh5MF+rrAMwv2IieF6RoEmLpolMYCF:nivMInAMwvJieF6K3LiM9

Score

10^/10

axbanker banker discovery infostealer

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.nekki.vectorer

com.nekki.vectorer
1⤵
- Queries information about active data network
PID:4351

com.nekki.vectorer:my_process
1⤵
PID:4406

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nekki.vectorer/cache/volley/-758317104-590220981

Filesize
22KB

MD5
8f20b54e6b8ddf3211c1724aacf5fcc3

SHA1
f0afbf2bc5430aeb2b79d691f04c5da4bc3702b2

SHA256
abcb74d3699c7f0b2dd7df2dc56ddadbdfe393e5d01d09a3de5187e4f102f077

SHA512
579964ee9903435d70647557807ba8bd5f69c5a79345d1fa3a979b551fd82f9566882b3112cf1a63963f3d9dd459370116189e559346791dced45eb58669140d

Download Submit
/data/data/com.nekki.vectorer/cache/volley/-758317104-590220982

Filesize
22KB

MD5
89c65e8bae37242f6c0803312dad6977

SHA1
e5c208ae6b4378ab494025cb32c014896c17e4c2

SHA256
64bab3f3e4f21f09234df615cd530cd7083eb8195be60252d0764d8fb16ffab8

SHA512
6ee14c54c83f3d9f80904fb21540a4cc02bdee25ed1d33ee91b5971e3ddf7df8c5417a8202c1363a3307be7f331bc9df9cc9bd06bded8e3d29a93c2d249e60b7

Download Submit
/data/data/com.nekki.vectorer/cache/volley/140170683371476312

Filesize
22KB

MD5
81811e7ca35e824280cc00d538b8b74b

SHA1
d74ede67be1d41343a45ca37fd3488b680e65875

SHA256
59f5fc75bcd42c42d10711f70b3542ec8494d31dd3f25bf0ae56ade6530a7ad5

SHA512
687e53d14147ef2669c47857e4d1c1c125230a7b99d001ecea8c9c81cf55cfaecc9f45bf3613d8eb6491de1467d4841c4cd93c8f4a57646b16dc8119199cd5c9

Download Submit
/data/data/com.nekki.vectorer/files/profileInstalled

Filesize
24B

MD5
1bce328ab4b2047d1b360703453f06cf

SHA1
7c9cbc5ed8854ebb4db7a92d0b4bc4c66ab8b652

SHA256
e97c6be02a29db543c7781b61c41a0c53af2f5721066fa394a0b835e3527cf06

SHA512
7d3727928e0fd89d4f435f054efad99521a9e17f9d8c1d2da70539a440f25b06f8254676f3891c88784d74fb5d33094f6e627e242643c08e8a2176b4b58271b1

Download Submit
/data/data/com.nekki.vectorer/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
e4a321ab5e164eb052b351d304c25849

SHA1
102630b57206cc2368b71d781d9937b727d32f84

SHA256
cc4b7019236c558cb2e1399332db41b6381b2f070f09ba9c9370bee1d85f996f

SHA512
9195a2becf8483f5f130fe897ffb23e28080ccd987d6b267d85f07a53be5f1f51b770d0bd0d08ba455bd2293c31c4e6d4ee05a6df959a78cb604bb4cc5527709

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
975ca30b05f07d871a0a5e723d5c8859

SHA1
733922ffa7cad2b3f926330e4e3eaa4e7dcc62be

SHA256
a0162a182a4e5d4069e5903a1d0540285f3d083d30511ac01e30efefceefdf4a

SHA512
8622c71a75a280456206740997451fee69097724a202a3aa21ce3b3708ca39d2c17d16337d1db4a3874abf42656aac6dfbb828d2f3a799a216ebcf5842d491e6

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
51e9781c10fbf18a3e739f5c704e8db8

SHA1
38c1aea950dd72a900d6f603f1d095a8c4fb4453

SHA256
257bbdc1b5a0febbb938edb73da9bd716237fbd73f9650a2bb149fefc5486ee8

SHA512
609913933f69b8b97bd9b3e8ba7eb3465b74ac2328c3bb99b7708f024bdcd6ceead658e081fe8ec67e3ab93bc1a8c4ff231bc510f7f9e2cd2e2083f0e19ae588

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
03f53ab85bf5b2159e0cfc7353d78da9

SHA1
f41dc102bc58906c461f925cf487f4d6a7b250e8

SHA256
c9e38c2befb76b2ec1e5d1ffedf7610fa80bff42a2a5ca5eb284ef1080c686a6

SHA512
d0ed500b9e3a1b22bd18655b212e65231230eed4585eb1725f1e8f8fb3145795c1581aad29d2adc6b29a9babe4a8fe8d265a1b304113bd1d0930c7c04e047de9

Download Submit
/data/misc/profiles/cur/0/com.nekki.vectorer/primary.prof

Filesize
2KB

MD5
cc4b65d8877997bd1bcf9ca1ffe1fe79

SHA1
463fc7bb1a45ab8b8900aeb2c5992057772bbd91

SHA256
93d304fb8115cd09df11f1b8cb82398a17cc0d65ca74eff74c5f1d1ce8c335f4

SHA512
52fd661fab008180ed7720ac719277bd333e65590b636298e2f0b58469e5b8f9669a30e32c97d6818d4ec51704f3241f593b07c7fa01c3f01b18086e0420fd33

Download Submit
/data/misc/profiles/cur/0/com.nekki.vectorer/primary.prof

Filesize
7KB

MD5
26a833412e882874e08d43f7a939198d

SHA1
f1452a954f7c409bda4280a0c9fffd40b8fc2ba8

SHA256
e50e473622090c130f85064725f665e5bd8bc7f8e71aa56b3ce6412c3af5734c

SHA512
c60899d8fed9d485a166894d7248a13f0ad14699003158646db7d3e867aed9c1af7f4ba2b9dc326ba697c46285df2351b23fc7b07e50edeb89c67a5f0067791c

Download Submit