Overview

overview

10

Static

static

6

5ce03fb616...46.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5ce03fb6165f1eea6b73d524d7c5698e8e0aaf4e9e01bb898147e9cf0810a446.bin

  • Size

    4.2MB

  • Sample

    240617-ab6pwayfmp

  • MD5

    436233b7c21bdaa0e04642351571ff4e

  • SHA1

    6252134d49c7deca4a6a9cde82910caf5e30a771

  • SHA256

    5ce03fb6165f1eea6b73d524d7c5698e8e0aaf4e9e01bb898147e9cf0810a446

  • SHA512

    635824f5a208ae4243d4f44a0108f9ee9f7874e715e2e3aef7f8b2ad3c53dbfe782a891ceaadaa00c4b61c00466130d4972338d532f6a746905b8317f6df2258

  • SSDEEP

    98304:mSZxv4yIIHTyT9UjrBGDk2O8gVqdoaIHrHJIIfpDBrEEjIShl:Zx4xkTyT9DnOf4in58Il

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      5ce03fb6165f1eea6b73d524d7c5698e8e0aaf4e9e01bb898147e9cf0810a446.bin

    • Size

      4.2MB

    • MD5

      436233b7c21bdaa0e04642351571ff4e

    • SHA1

      6252134d49c7deca4a6a9cde82910caf5e30a771

    • SHA256

      5ce03fb6165f1eea6b73d524d7c5698e8e0aaf4e9e01bb898147e9cf0810a446

    • SHA512

      635824f5a208ae4243d4f44a0108f9ee9f7874e715e2e3aef7f8b2ad3c53dbfe782a891ceaadaa00c4b61c00466130d4972338d532f6a746905b8317f6df2258

    • SSDEEP

      98304:mSZxv4yIIHTyT9UjrBGDk2O8gVqdoaIHrHJIIfpDBrEEjIShl:Zx4xkTyT9DnOf4in58Il

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealerpersistencetrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks