General

  • Target

    33f521ddf220c29c239d84cc00463b9b477dacf95332d57f0e0ae1914703b8ea.bin

  • Size

    4.0MB

  • Sample

    240729-11pe1ashmr

  • MD5

    c628e022bddfc897fe7ed5f58107037b

  • SHA1

    39b27956f99b8ca2fc59585cb27ab2f5a025c726

  • SHA256

    33f521ddf220c29c239d84cc00463b9b477dacf95332d57f0e0ae1914703b8ea

  • SHA512

    a31c95cdf4acc091bbcb4cb46afa8e46d7e6188ec0786619358fc2c0156a8c659174acf6d94bc058d36cc764df92c585acf561bb371f23bf9663957283375d6b

  • SSDEEP

    98304:cWZUZj6+zM+kC6LFkEPvuIEDzQQUG5wb2mSzox+94jrrLpn:cWWkMPzUG5QSzox+cpn

Malware Config

Targets

    • Target

      33f521ddf220c29c239d84cc00463b9b477dacf95332d57f0e0ae1914703b8ea.bin

    • Size

      4.0MB

    • MD5

      c628e022bddfc897fe7ed5f58107037b

    • SHA1

      39b27956f99b8ca2fc59585cb27ab2f5a025c726

    • SHA256

      33f521ddf220c29c239d84cc00463b9b477dacf95332d57f0e0ae1914703b8ea

    • SHA512

      a31c95cdf4acc091bbcb4cb46afa8e46d7e6188ec0786619358fc2c0156a8c659174acf6d94bc058d36cc764df92c585acf561bb371f23bf9663957283375d6b

    • SSDEEP

      98304:cWZUZj6+zM+kC6LFkEPvuIEDzQQUG5wb2mSzox+94jrrLpn:cWWkMPzUG5QSzox+cpn

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about active data network

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

MITRE ATT&CK Matrix

Tasks