General

  • Target

    0390f758fbe151a06d8a1e15920b651fc6fc4013b1ab9e1e483e04401d69f214.bin

  • Size

    4.4MB

  • Sample

    240729-13b8fstakr

  • MD5

    fbe4719ef350788b02a74470e44e1001

  • SHA1

    3d68df753d73bc9ab3e4f15284df182adb7eafd8

  • SHA256

    0390f758fbe151a06d8a1e15920b651fc6fc4013b1ab9e1e483e04401d69f214

  • SHA512

    b864812341d65ca11af32dd7245b6072b804905776dfa80e7ad59bc230f3b500585fea2dbc8310f4656efd20f12b1fdf52298a5a8e845dd759dd12f723d4765d

  • SSDEEP

    98304:K7gHLZuZR0vvQ/be8I0kjV7X/ZFyniGs3P/vF3nP2Zr9YX:tLER0nUy9Z7RsiGs3PF3R

Targets

    • Target

      0390f758fbe151a06d8a1e15920b651fc6fc4013b1ab9e1e483e04401d69f214.bin

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
