Analysis
-
max time kernel
179s -
max time network
136s -
platform
android_x64 -
resource
android-33-x64-arm64-20240624-en -
resource tags
-
submitted
30-07-2024 22:01
General
-
Target
ebe706fe2992c1fe438aa3d8df51b3a392a57803bf530c34fe005366a322b6da.apk
-
Size
4.7MB
-
MD5
930d276beaffbaf14c339415f47c398a
-
SHA1
caea438c04c78e5023ddc6b39729960530e3d25b
-
SHA256
ebe706fe2992c1fe438aa3d8df51b3a392a57803bf530c34fe005366a322b6da
-
SHA512
befe8579c4e9eb088a8d6b4821c1df6f51492ae26cbfc44dfa24176ef997cd5b78c2c5649989b697daab6a2f7cc4b60084e77f994ff1fa5b4a15b0bb05739821
-
SSDEEP
98304:X5gHdZla58f4yquKjjc+Bse8I0k9V7X/ZFyniGs3P/nFwsP2Zr9Z1KQ:0dn5f4od+BJVf7RsiGs3P9wh1KQ
Malware Config
Signatures
-
Android SoumniBot payload 1 IoCs
-
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
-
Loads dropped Dex/Jar 1 TTPs 10 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
cubes.gears.blot1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
265KB
MD523c1696b63c1e3d44e50c6ebb6196e42
SHA1e204e02cd2354ed225f57d5170114eca827b93f1
SHA256004d3fba49899402d953819de96a3421c49e0df1efd705386d6a8745ebf3504b
SHA512d50783c087a01ebfa6db10149aa01289be8f9999094b06eb4db529280bb409c09138f80775e9a1c5677c3a87edcb6561465ec9f603560fabdbcaacf9fcfc1d4f
-
Filesize
465KB
MD5c37155e7858a2f7d8d5e93659004ef08
SHA1b8ed836a3f8e7dbcd0b3d4d043cc7f1b72267f67
SHA256836a15feb041c9c586321f63728629d291112914c113dd0b84a43dc7b17e72ea
SHA512441302dcb5e8e48c077b0d433211bc13048a4093ff82162f6681457a52952afa839d3ca3227def875480f93f1af2b9c6e58fac74cbeaa3bc3524aa703cafdd51
-
Filesize
491KB
MD5eb8184eafa2f7e0d6414103aa2b0a3e8
SHA1219f70c497a40cc019dba4c49f43870b9233add7
SHA25649af3bdc9c9101b72ddb3d232c89c7c56df49667073a8b8533108f516f08cc32
SHA512da0fad889ff7812bb3ab6a77f038e553f49a26fa422a36ff945b2cc85c7a4be7c7c88a56ed42eb3ccf3f656f61c4372c232709269ed1e6370ef0b43ff6e9723b
-
Filesize
464KB
MD54113a4346f11243c8e44ed0092efcc26
SHA1c1e7cfee3d0cc49202aa10a6b384900076b8e3ff
SHA2561e76852c350c43849ef3f0ae461f7860d82b97fa30b886963b11ee409640a547
SHA512e891841689e76bbd57942c1acdb1b6572af930334091e5472124f4f6a90181a485977819bd203c513c484bfbe41913d7becaf64b1b899930aac101271c54460f
-
Filesize
471KB
MD5e319a84a2f607581d65f108f18da3096
SHA149b42e267c8f2a1b1138159e30ec59f952e69a5c
SHA25656bb3278df1fb6b3ea522b77007c9019775ca71c0b1445bcf81d92a24a8c5a8c
SHA512e504a91dd0638decfa2e167b4367ae81ecefcdc00fc47cd7f721fd7f7ae4669f7da2b1a83f0c3d96e3b49bb5f3b3155402ad50f1f2c10ef91e645e3b1311fc1e
-
Filesize
476KB
MD51c288688d1c71a34e7c52852f9f7f75e
SHA14ccbb269e8e30285164e1ddfafe2f82031a50bb9
SHA256cc6afbe80d413aa51c63879c8e63cb2a27f545f8bcff4c7067682409142be2b7
SHA512ebd98e1bf9ce35e8e8de819211f0f3e0e6bbd6cf9a718b687a6e036af29ed8bdf33b02efa182b6bfc612ff5c57d31396182fba007a4ad600eb058438dffdd9ef
-
Filesize
4KB
MD5620f0b67a91f7f74151bc5be745b7110
SHA11ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d
SHA256ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7
SHA5122d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d
-
Filesize
36KB
MD5aa3fc7cff070af7df8a31ac563705114
SHA176f38820aa101ce572c06ff356a482814e526b8c
SHA2564cff8e0f9c8d5cfc2283e9be39a1286d1f09ae6f6bf683dbcd8126514329f483
SHA5128ca947b03994e4abcd31149cac960c42c6f95015e805696cd057e27a2be7e3c039206388dd4ec62663d9e97fd99be103230752611ca20051e15e1aefdcc1167a