com.rewards.mycardnows.SplashActivity
android.intent.action.MAIN
com.google.firebase.auth.internal.GenericIdpActivity
android.intent.action.VIEW
com.google.firebase.auth.internal.RecaptchaActivity
android.intent.action.VIEW
General
-
Target
d396e3957d97f614588e8feab010802d.apk
-
Size
11.1MB
-
MD5
d396e3957d97f614588e8feab010802d
-
SHA1
44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
-
SHA256
21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
-
SHA512
45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
-
SSDEEP
196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS
Score
10/10
Malware Config
Extracted
Family
axbanker
C2
https://ajaychnapp-default-rtdb.firebaseio.com
https://geticapp.com/api/user/step2
Signatures
-
Axbanker family
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 8 IoCs
Files
-
d396e3957d97f614588e8feab010802d.apk
com.rewards.mycardnows
com.rewards.mycardnows.SplashActivity
Android Permissions
d396e3957d97f614588e8feab010802d.apk
Permissions
android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.MODIFY_PHONE_STATE
android.permission.POST_NOTIFICATIONS
android.permission.FOREGROUND_SERVICE_DATA_SYNC
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.FOREGROUND_SERVICE
android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE
android.permission.INTERNET
android.permission.READ_PRIVILEGED_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.MODIFY_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.WRITE_SECURE_SETTINGS
android.permission.USE_FINGERPRINT
android.permission.BIND_ACCESSIBILITY_SERVICE
com.google.android.gms.permission.AD_ID
android.permission.ACCESS_ADSERVICES_ATTRIBUTION
android.permission.ACCESS_ADSERVICES_AD_ID
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.rewards.mycardnows.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION