Overview

overview

10

Static

static

6

0b1f689b9f...4b.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b1f689b9f8e8900f098098f115f52be3ff75f03233aaae6a6b1791e6b45cf4b.bin

  • Size

    4.2MB

  • Sample

    240715-1yrsca1gkj

  • MD5

    f0141e2688066259487f619b1dd4d15a

  • SHA1

    68010d532364ca8b6e094870352dfd7ddd60c60e

  • SHA256

    0b1f689b9f8e8900f098098f115f52be3ff75f03233aaae6a6b1791e6b45cf4b

  • SHA512

    181aa1233c34b9bc495746a86665d50b4803f16a70f0438cd5f34655538a9967d5ed872f60a653c301cf91a9a912f4237f72509c8796f9119980cc5585a80765

  • SSDEEP

    98304:Eb257Or8Gs7HRsJFr15eQ2pD/F28O+ObmINcmoQuPQp9:Qs7WJF5VsBl/rINcmxLv

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      0b1f689b9f8e8900f098098f115f52be3ff75f03233aaae6a6b1791e6b45cf4b.bin

    • Size

      4.2MB

    • MD5

      f0141e2688066259487f619b1dd4d15a

    • SHA1

      68010d532364ca8b6e094870352dfd7ddd60c60e

    • SHA256

      0b1f689b9f8e8900f098098f115f52be3ff75f03233aaae6a6b1791e6b45cf4b

    • SHA512

      181aa1233c34b9bc495746a86665d50b4803f16a70f0438cd5f34655538a9967d5ed872f60a653c301cf91a9a912f4237f72509c8796f9119980cc5585a80765

    • SSDEEP

      98304:Eb257Or8Gs7HRsJFr15eQ2pD/F28O+ObmINcmoQuPQp9:Qs7WJF5VsBl/rINcmxLv

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealerpersistencetrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks