axbanker | 7803edca36272a0dd0db6c92a15d75a7be22d6d0ef211281520f40336d74c925

Analysis

max time kernel
49s
max time network
57s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
21/02/2025, 07:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

7.0MB
MD5

3576766d992b7c33538a39ae246dcdde
SHA1

7141d8f16a509cdcf0c8ad20e0cce321af094cb3
SHA256

aa359e67e5ad3fd36d9487b30fb08d7a47d66dae31edc7c4f32cdb626bc3228f
SHA512

4bdc5acf901e568c5c64d099bc5c2b4d7d9e770e649b1876305b4420f2a0044c3f4c0669306b7eefbdb131dec9c9d865bb34d6194087d6f62c36b5c849fd6965
SSDEEP

196608:LfL/hEh5MF+rrAMwv2IieF6RoEmLpolMYCF:nivMInAMwvJieF6K3LiM9

Score

10^/10

axbanker banker discovery infostealer

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.nekki.vectorer

com.nekki.vectorer
1⤵
- Queries information about active data network
PID:4349

com.nekki.vectorer:my_process
1⤵
PID:4403

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nekki.vectorer/cache/volley/-758317104-590220982

Filesize
22KB

MD5
78458ae9972dd9ec65bedcb9e41fb913

SHA1
c3f960f5474a2fda05afcfd285e9330d338e7a84

SHA256
5c1cc9f9486c3087f81400651e590cbd6a6a0506bd064346dcda9ab179b83be4

SHA512
4f0037969726c1463fb6f5148cbdce890db243cb1b5fbdbd14247fa96aea38c040f76fdc57f6ef6414c4fde28fddb02b64fa9cc5dc64f1fcf5b1998e06ad50bc

Download Submit
/data/data/com.nekki.vectorer/files/profileInstalled

Filesize
24B

MD5
39d4d03a2db4d685fe1a24c28e6f7ef4

SHA1
29ff38e8cb5eb8c67f51027ecfd66893675eaf50

SHA256
4305e15586881b6347d15300d11f5a1ab402ff0d96e0dabc884b05d992056223

SHA512
938b83ce320ddb7c5729e06250aa08471b0e036ddccb4abe0676d2992a26e6fd6c7bcd2105dff69e05219c446608b012f8dde91e963fb7f7da932386dc79f0bd

Download Submit
/data/data/com.nekki.vectorer/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
9e88a44adea861cf8794ef6514635212

SHA1
2004298937b5854ac686af16a74b1c15d51a44e1

SHA256
d133e83e80157e1a324ef6e7032b7b497c519abd24834cebc628a527da832043

SHA512
dc6df4cff22c23896c5591ea46669bec94d216bd5f0606c0673e09587c36da820856d00eff37a0785ca103b2249a828884a24d27e0a9dc7fbb926a13468b2d26

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
cde5297babf9f344001d00330394755f

SHA1
9d780c419db7617d3de075f0ea6f26a1fddf26bc

SHA256
e634c0cb992c6712ca173397bf40d6a8cc471725b4971654d54a3d82b7a2d4d4

SHA512
858e78c9af2e2d0ae8754d8016445f9ac0d640a1993bd15d2940122853213bc4af16768ed98aea0a15e63c947d6b60428c5c4e77ebc0ef78bc62fd65cf4bf2ae

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
0dcbd35162ad9e0a113315eb74c3d503

SHA1
9f4e41fd2c5288243dfff81a6b0b06c1d50de6ea

SHA256
bfb9857552cf5c9e4b50893861fbc12babcc46212b0cc0399c71e678671c711e

SHA512
be4820508ce91383a2f0526c2bb0d343220e6df8047afd47a86dd925222f2c260ed6a2a47a6e307f204974002b34b5d7c08f1767d4e74a78cde0dcba9038e6a6

Download Submit
/data/data/com.nekki.vectorer/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
06e65bbc77eb81bc7b034e26a55d4dae

SHA1
91695abca249335eac69e7729d6d9e10ef4d867c

SHA256
fc462a4abdcc300543f5e28e1d1d10162253b586352440c672ac41fd2edd915f

SHA512
0f13e11f219aa47285265b8b7d68e0c9af3c19086300ba118439a88ba87b2c352e051c40fa040efbdef4cab624bdf6ad3e43244a15a9c58977a11bd77973a4d9

Download Submit
/data/misc/profiles/cur/0/com.nekki.vectorer/primary.prof

Filesize
7KB

MD5
0efc6272393dd16ea92a012fae0c906d

SHA1
76ca73b7664c4a8bb891bf9c6d13670a34f0a1e4

SHA256
bca8a1d638fda555ee25aa63fa94fcdab88fe29283bbe3a90059020ccbc03fa6

SHA512
db7420465796d6e033198f43aca848db35c012ceb38bc183d581b7f1818eccb672bb65ae395d136a9d824cc7208f1246d0155b551e18a5cd6691409f09f59fa8

Download Submit
/data/misc/profiles/cur/0/com.nekki.vectorer/primary.prof

Filesize
2KB

MD5
cc4b65d8877997bd1bcf9ca1ffe1fe79

SHA1
463fc7bb1a45ab8b8900aeb2c5992057772bbd91

SHA256
93d304fb8115cd09df11f1b8cb82398a17cc0d65ca74eff74c5f1d1ce8c335f4

SHA512
52fd661fab008180ed7720ac719277bd333e65590b636298e2f0b58469e5b8f9669a30e32c97d6818d4ec51704f3241f593b07c7fa01c3f01b18086e0420fd33

Download Submit