Overview

overview

10

Static

static

6

0f8bea787a...6c.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f8bea787a83d2723ff2386b732771f836c48ac39272da07f9e283b0e94b9b6c.bin

  • Size

    4.6MB

  • Sample

    240615-3s9r3szelb

  • MD5

    48609f0ad63ae087999b3dfb310821f4

  • SHA1

    ea27f6b6740ee70e44b3cff90a9ed7d56255d9c8

  • SHA256

    0f8bea787a83d2723ff2386b732771f836c48ac39272da07f9e283b0e94b9b6c

  • SHA512

    a659cd1b5ad761b426411e1ba9382e1e5ba3f57ae787c66a71838e0e56dc8004f28298a7595bb250aa76a346fa92822c8b49356b0023b270f9d26e01ab552666

  • SSDEEP

    98304:z94x9Dx8+DAVPCJlggxDz91LaXbtDGH6UPEeR8HCf+eIW0AGEjt:sF8+eCJlBDzjcDVGENHvvCJ

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealertrojan

Malware Config

Targets

    • Target

      0f8bea787a83d2723ff2386b732771f836c48ac39272da07f9e283b0e94b9b6c.bin

    • Size

      4.6MB

    • MD5

      48609f0ad63ae087999b3dfb310821f4

    • SHA1

      ea27f6b6740ee70e44b3cff90a9ed7d56255d9c8

    • SHA256

      0f8bea787a83d2723ff2386b732771f836c48ac39272da07f9e283b0e94b9b6c

    • SHA512

      a659cd1b5ad761b426411e1ba9382e1e5ba3f57ae787c66a71838e0e56dc8004f28298a7595bb250aa76a346fa92822c8b49356b0023b270f9d26e01ab552666

    • SSDEEP

      98304:z94x9Dx8+DAVPCJlggxDz91LaXbtDGH6UPEeR8HCf+eIW0AGEjt:sF8+eCJlBDzjcDVGENHvvCJ

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealertrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks