axbanker | 7b03b91887dfed7fbbd931f8ccea337926b8d55e675f4d15edfec6f0c7b960aa

Analysis

max time kernel
149s
max time network
160s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
23/02/2025, 13:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

11.1MB
MD5

d396e3957d97f614588e8feab010802d
SHA1

44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
SHA256

21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
SHA512

45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
SSDEEP

196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS

Score

10^/10

axbanker banker defense_evasion discovery infostealer persistence

Malware Config

Signatures

AxBanker
AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
banker infostealer axbanker
Axbanker family
axbanker

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.rewards.mycardnows

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.rewards.mycardnows

com.rewards.mycardnows
1⤵
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4486

com.rewards.mycardnows:my_process
1⤵
PID:4575

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a1cbafcbaf374f0234f58a899038f12f

SHA1
9deba0c74a7d9cb0e9dfdc2ae26ae5e20106d6d8

SHA256
222d24efcf0c8d6c3ddf969995718d23b80cef9b7ac2e539d6bc66eb354d5657

SHA512
755924cd999d756d6a4d6b64a0ff5720ed0e98fdee7e1f43b4c4804fca6fc007e18436f58047bf8dba8b12742506e766a3887c312fcb6e58ed6c48a4dc864ea6

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4495254ee856b1f451e258f5073534fc

SHA1
643af504a5351c8f2c96b84ae3a9f794a6ab593a

SHA256
6c60bc896e9efdeb1c4ce76419e199053cc2be4f6f4d4bfa1781da519e504cad

SHA512
606838f95cde9500cc89ec689e616304a0320320d15b316d756712f84146b94be8c5ef49a6cb6be4540911c18efe9bd8ca55163611d385883997277e72078b72

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
01c4e50b6e18b547d32ed9173c4c2caf

SHA1
c4e3bc8e8c7a1aba3270e457c6f455ab8e103bda

SHA256
e005af59fd7087eb2e04682f0c770df05133f5a94cf3c322a8a7df54d67c5a65

SHA512
fa1999dc1e216429cdd82384d686ad60e99efd78ba3f41e1a510cb6acf64a559f559eebbb2a8cf38aa7d5ece1488b72af2775400b45513b0f644d73ca958508c

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6d06176d8fb92c73469e6c0665f7afe7

SHA1
699c7a84a66272b813ef580e3b70371e27d9eccc

SHA256
9f3d2634c5791292b01f694a48fd077f0d27d201d6031f257e0f540a445140ef

SHA512
f340412949a9dcfb471ef37c54cfb9d1d6b2246524f9bcbe86c6fbbcfd0d860b1a756c1da406e82b670d255f60ff98f79c22c4bb85cb3321e0eb54482da1d710

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
57d809824db8c28ee5ceba6ce2ddc34c

SHA1
80a8a0a10807d77529954c5fb7edefc64c4c1516

SHA256
bb76b10c0e8415871fd592f8cb0a2eb6e517f3dbe75092e491f26a5772c82229

SHA512
2728d52f9792196b8058d5838fc9b3a59b13e24c3e848f7dd1887351d299ea3dfb89538f5f206f8c12329538ef5ae700ccf23492219d07159fc0b8ec5e3a5997

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f4a5d21085d31fe21859a579feca2084

SHA1
981c56308beffaad935cb7446ba72ffb8374b120

SHA256
f6bcc72ff25b526df74ab737e38bdf606014b3ad9c4eb02e86e26c5c4f6c9096

SHA512
8d7ce499183c607baa64f9bef0f91b196820c3abc6d191a51c8242d1e360a38e6afc0636195f35472ed7ca0eaa407da9b51bad218d6d443e7e48838af95154e2

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8a1609f5764960265a778c60dc2b107d

SHA1
29c8c6a523eaf16cb96a6432e03bb413ff4f4173

SHA256
01963009cf4a996ec3db58fc2a29a3b92773e9c673301eec4c667a088255efa4

SHA512
09ecb926598ede377ec974d9cc436723081c1eefdffc2a69de0a8a46a9fd347f79685a86d851305fb69f3943bec704dd8e448588daba584b27d9d4851e777c21

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
675adae993b2d3a8c3a82d53b9fd4f85

SHA1
3efed9b23d074a9824894cf9aa695be859685f87

SHA256
b96ccf7783d81653b2c3274282b89088c945e3fb92b5d8e656d8b767a6c6bf12

SHA512
dadfbf596061a37d34bb1cca42dc0ad2ffb4f7423f3e8a043edf45ae20adbd6f33394b45829b668eb9a73428f8fec7eb207900ac94abb0bd4221544ac5e5b91d

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5d0c8f8df701659b7c1925d9bb2f646a

SHA1
a1e3928d29a680dc7ee4811a1b3ab50c22f0b8db

SHA256
cb35d2fe764fa6b59113d855429fac15e44a67edc1f8913252cf376afe13d049

SHA512
626720df5783e27683396e700d748b5b9935e2411116a2603bab0d632124f525b27b7937b871cf17517115b035e61d58eeb2b22823f972dabd7f16edabd52c06

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1c370f2a365851769531934e729ed408

SHA1
666a710500e3362eba7d47faaa26a3c652d51239

SHA256
643c58896a41a09484d921e524a2409213661e432545ebd5d316f73a397b811c

SHA512
0cb025f2bb6443b01b4756c17e96d845a45f171f3a2580590eb180a07184d63bd56c7e5e2fa1d7475d5d45ae7ba58d136466d63c791b9640beaef26e238338ac

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
aade5da595ab8b93800c6cae3490178c

SHA1
f8b7a96bbd3a92f2fa83742115ece11ce50c7b55

SHA256
a993388880956547f6c4871012a1ed025ec021c529dca6f3cc0b8426585a2b36

SHA512
6dd9feff32cae7ab2a604204d32e8628d5c131d6c455f2686333c39040c5a05c3cd3deb52dd9b3ea759cd7524ce6fc8eb38cf9914235b3520bdbbf85af38f84e

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
1b6328a1afc70f466df500182dbf381d

SHA1
099ea8373e5ab3a976154ee7c19ebc76317c3300

SHA256
c8f64a226d6fd0eaefedaabb7c325ea5d97c2aea6006ae55d92b3d55eab33ac3

SHA512
5eb5adb7480dd4a0aa4da57162a81a0c04e435375ce8364d149e7f7de6062a3614fe1fefb896734bd3ac809aa8768c36216a7083ba9abbbb9864888af0c7d312

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation3443602017571732219tmp

Filesize
569B

MD5
56bfa2b1ae85815aaab6b188567d02ef

SHA1
206cb1fe203b318d84c2abb263d4ffb93d7b4f2e

SHA256
959db0134a4de179670bda9e05f8b311480c40d5c093b257bd293ca7ab4183fa

SHA512
3495df029d6e24fbf91cfd0b0a1755bc13a53b5698d8359b75b9ee31027f7c2cc567df9737ad5bc8131bd8dd93aa36412c2106cdec7f6dc46f52ff1a237c8889

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation3872737008692769755tmp

Filesize
90B

MD5
f3646029f285f38f393a683e868749f1

SHA1
b01c69f87d70eea1bdc36257dd70750e0d94bc13

SHA256
6767bc88fd4e02285ae0f134367e7fd7c26749c63ebd63290f2c0a90351e2b83

SHA512
63c087eb778543286f93d395b445c10b1f41df441ca334f2f6cd9bd245296e7ef021bc7a6bf48b8ea98d20b524145031ac041a7ea17c59e37835581b3d76918b

Download Submit
/data/data/com.rewards.mycardnows/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
e71053545c2c1b7432132314cf312708

SHA1
fb47b0c1bcf985014b14737125fcc60301144b4b

SHA256
aea158ed2a44c03b1e3843df67d2cf41a212398d3890019658a6d88d92d16fb4

SHA512
57cd624239ea1600937b2ad70ab92e38fb103e55d17c46a59b10f61d267a235fdd057693075f9d5a9a2e6b9458fb9651bdc9548a38d8f760254b9abaf4cd4be9

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
212a341e51d7a923fe485d377319253f

SHA1
9195f04bd3e4de00257e57bdd1257c9d035d812b

SHA256
f817588a5069266cb8a198ad584231a5ba4418931729490c03c024d44759fa38

SHA512
ca6e7349e10f11db3c083d1b70516058d39efa6a0f0f0973e2ab38fc0b27b786cc4e7ea68a1c5a6ccce5c3148bb9b79a45c15f81c361a97ebb1956a99e97574e

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
cdbb9ef6a266fd67dc4142d0f1315ad0

SHA1
af64142feaea0861d32a43391b4493ddb228ddbd

SHA256
8bc8df5f889bee112cdff97fa1b76c6f31a5358335bfb8a7efe2bd2d8cb7c90c

SHA512
bfa50b9f1ec16e2277542383b2e4e6208c7641725823a53d007781fc5886d9a5cf51f07473173e72f9efa7422a9d16c672c2eba5598f17ee4f8b7f3009c5b1a6

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
b27fb9025be0fdc7ed4cc45112cbba41

SHA1
7b0a6b5e3d4306b78b45c4c6e6e3887797d19875

SHA256
f6cfd6f90a78f7985325af749be200d6d5978ebd93430bffad1b55589d4d92aa

SHA512
b568d3c4a2c07b921d25da63be7a3c670520dd7f5c90836c393c379297851b0ddf3164bfe8fb73ccdefafbcdc20fb2e63592f816bbfe9b9c080682181030c938

Download Submit
/data/misc/profiles/cur/0/com.rewards.mycardnows/primary.prof

Filesize
2KB

MD5
b52af5f6e884232dfc5b88be454a1cd4

SHA1
54561c213c2988b83db6de487b405f42147adfa6

SHA256
f981d2ec41e6ab1264328221ae16b68ee323067e2b95b1b0055052748041009f

SHA512
8dd9dd498a11ab885e5db5b9d45daede69910ef5c810d904407d253e132225a1ca542497d2d6a66dbf0938096d1c733ac5b73e7761a86efc557ba760e28ea88c

Download Submit
/data/misc/profiles/cur/0/com.rewards.mycardnows/primary.prof

Filesize
10KB

MD5
f06901121b9a9343a9bf87a809c1c6d6

SHA1
10c96ec4abf3b82d55e303eca911a200481d32cd

SHA256
cda2f1370571f55d4ad94675d9ce0d9f51f48903cca73300649a3394b8a40d88

SHA512
30d6ff99a64bc5ec814376bd70645f5feaf0edd6973b90b0f7b8f32b33cac5bfc1d71d35080276cd75bf58dcc2e3f42d1feccbe69a4fd51522143abf50dde393

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads