General
-
Target
ccd448d4cfd4e2ac74933913454e5b1f34432203116a2824a3061ce6966b49d2.bin
-
Size
4.7MB
-
Sample
240530-2adfgscg22
-
MD5
9875b8589878709911163ee12b9d55b3
-
SHA1
2fde4c4024505f98e61c0f8be069c34a56fe58c8
-
SHA256
ccd448d4cfd4e2ac74933913454e5b1f34432203116a2824a3061ce6966b49d2
-
SHA512
b6f5cbc684b8bbabc26f9189ae432183cec1ac091658dcad8ebb6ed39e92d83d0bf8aeb634d588c556783bb8eff12647d6558401e2f37039b50407d0c618167e
-
SSDEEP
98304:X5gHdZla58f4yquKjjc+Bse8I0k9V7X/ZFyniGs3P/nFwsP2Zr9lo:0dn5f4od+BJVf7RsiGs3P9wNo
Malware Config
Targets
-
-
Target
ccd448d4cfd4e2ac74933913454e5b1f34432203116a2824a3061ce6966b49d2.bin
-
Size
4.7MB
-
MD5
9875b8589878709911163ee12b9d55b3
-
SHA1
2fde4c4024505f98e61c0f8be069c34a56fe58c8
-
SHA256
ccd448d4cfd4e2ac74933913454e5b1f34432203116a2824a3061ce6966b49d2
-
SHA512
b6f5cbc684b8bbabc26f9189ae432183cec1ac091658dcad8ebb6ed39e92d83d0bf8aeb634d588c556783bb8eff12647d6558401e2f37039b50407d0c618167e
-
SSDEEP
98304:X5gHdZla58f4yquKjjc+Bse8I0k9V7X/ZFyniGs3P/nFwsP2Zr9lo:0dn5f4od+BJVf7RsiGs3P9wNo
Score10/10-
Android SoumniBot payload
-
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-