axbanker | 21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae | Triage

Sharing

General

Target

d396e3957d97f614588e8feab010802d.apk
Size

11.1MB
Sample

250223-rbjc1s1mar
MD5

d396e3957d97f614588e8feab010802d
SHA1

44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
SHA256

21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
SHA512

45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
SSDEEP

196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS

Score

10^/10

axbanker android banker defense_evasion discovery infostealer persistence

Malware Config

Extracted

Family

axbanker

C2

https://ajaychnapp-default-rtdb.firebaseio.com

https://geticapp.com/api/user/step2

Targets

- Target
  
  d396e3957d97f614588e8feab010802d.apk
- Size
  
  11.1MB
- MD5
  
  d396e3957d97f614588e8feab010802d
- SHA1
  
  44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
- SHA256
  
  21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
- SHA512
  
  45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
- SSDEEP
  
  196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS
Score

10^/10

defense_evasion persistence axbanker banker discovery infostealer
- AxBanker
  AxBanker is an Android banking trojan that targets bank customers information distributed through fake bank applications.
  banker infostealer axbanker
- Axbanker family
  axbanker
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  defense_evasion persistence
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionpersistence

behavioral2

axbankerbankerdefense_evasiondiscoveryinfostealerpersistence