General

  • Target

    afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc.apk

  • Size

    27.5MB

  • MD5

    beee1ed2dedb77f45a83dca3ef9e6626

  • SHA1

    6f684f2f6a9baa335f18bf3c2caf150b71e95e32

  • SHA256

    afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc

  • SHA512

    86f03d4f2c6f766ec93d12b0f62b4eaa100e9d708cbf804a22bd71263b1cde747bbc35ae2cec40caf5c396790ce7d9dae4eb5e4c5140db92968c9cea3228111b

  • SSDEEP

    786432:AydtjvnZqH5j9MHlw5JT5Ifjhrk9e/PaIlAE2qSp7D:xvcHO8p5EhOevZ2BZD

Score
10/10

Malware Config

Extracted

Family

axbanker

C2

https://hdfclifeproject-default-rtdb.firebaseio.com

https://lapsclaim.co.in/new/api/user/step1

Signatures

  • Axbanker family
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 4 IoCs

Files

  • afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc.apk
    .apk android

    com.vishakasettle.droper

    com.vishakasettle.droper.MainActivity


  • aa-bb-cc.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity


  • origin.apk
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.disprzs.hdfclife

    com.disprzs.hdfclife.SplashActivity


Android Permissions

afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc.apk

Permissions

android.permission.INTERNET

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.MANAGE_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.QUERY_ALL_PACKAGES

com.vishakasettle.droper.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.