General

  • Target

    cdb1e4e046c78783b9aea5b9b9a141d0f40cb41793be76ec06351a9d20e5d702.bin

  • Size

    3.5MB

  • Sample

    240912-1zjs5axcpq

  • MD5

    84726f482e92056fa5261c0fac085946

  • SHA1

    5802de8f45415ddbd7be51baad31a4ec81935692

  • SHA256

    cdb1e4e046c78783b9aea5b9b9a141d0f40cb41793be76ec06351a9d20e5d702

  • SHA512

    ac993ebcf1e838677f29afbb0a5cba2a94add745e0dd6977eca16f32881d84abf7c32b28857d34199f869e1ebbc5562b3de1ce539271f31811de3fc221b59135

  • SSDEEP

    98304:dZxgtImjr57+llJTK4AvgTDxIRUYRegfdpB7Ej8Pv:/6tIY+lDKUTD2e2pmAPv

Malware Config

Targets

    • Target

      cdb1e4e046c78783b9aea5b9b9a141d0f40cb41793be76ec06351a9d20e5d702.bin

    • Size

      3.5MB

    • MD5

      84726f482e92056fa5261c0fac085946

    • SHA1

      5802de8f45415ddbd7be51baad31a4ec81935692

    • SHA256

      cdb1e4e046c78783b9aea5b9b9a141d0f40cb41793be76ec06351a9d20e5d702

    • SHA512

      ac993ebcf1e838677f29afbb0a5cba2a94add745e0dd6977eca16f32881d84abf7c32b28857d34199f869e1ebbc5562b3de1ce539271f31811de3fc221b59135

    • SSDEEP

      98304:dZxgtImjr57+llJTK4AvgTDxIRUYRegfdpB7Ej8Pv:/6tIY+lDKUTD2e2pmAPv

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Queries information about active data network

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

MITRE ATT&CK Mobile v15

Tasks