Overview

overview

10

Static

static

6

7fb6587355...f0.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7fb658735522dd8350b0e775293215a0551a1fe96b598c11e819e032a79860f0.bin

  • Size

    4.2MB

  • Sample

    240621-am8zdaxerm

  • MD5

    760bacaa2712c06fa967c418123485f5

  • SHA1

    2fef5550c3e5769bdf3a106b45b569334cc75643

  • SHA256

    7fb658735522dd8350b0e775293215a0551a1fe96b598c11e819e032a79860f0

  • SHA512

    008ebce4dde7b5a80c9195902e34de8b183c2ee17113abc8a749a621d206e9a8b9c6c0a9c2a4c92904a856f57ac9ea91212fee365818abbec024e66c396d23f3

  • SSDEEP

    98304:tb2+2Kr6KFYziEfJfffKD15lc90mNH4vTuHlHOSCoZ:ZFYWExfKB5lqLNYvSFHt7Z

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      7fb658735522dd8350b0e775293215a0551a1fe96b598c11e819e032a79860f0.bin

    • Size

      4.2MB

    • MD5

      760bacaa2712c06fa967c418123485f5

    • SHA1

      2fef5550c3e5769bdf3a106b45b569334cc75643

    • SHA256

      7fb658735522dd8350b0e775293215a0551a1fe96b598c11e819e032a79860f0

    • SHA512

      008ebce4dde7b5a80c9195902e34de8b183c2ee17113abc8a749a621d206e9a8b9c6c0a9c2a4c92904a856f57ac9ea91212fee365818abbec024e66c396d23f3

    • SSDEEP

      98304:tb2+2Kr6KFYziEfJfffKD15lc90mNH4vTuHlHOSCoZ:ZFYWExfKB5lqLNYvSFHt7Z

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealerpersistencetrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks