General
-
Target
4071e34ff06960e5ab4c5b8ed926c326e42c93fdabb53873339f9070606c9f01.bin
-
Size
4.3MB
-
Sample
241011-14c65swhmb
-
MD5
68106ad6b4a0c1417d2458027ed674f8
-
SHA1
6e21c3a25ffd0d5d4a40da8d1aab1efd3704b84b
-
SHA256
4071e34ff06960e5ab4c5b8ed926c326e42c93fdabb53873339f9070606c9f01
-
SHA512
2cf012e599b9c766a2cfe2c1bc0bf2335027f8850fb85ba5fb96eefed84f8947effa8a02915267525de48a310c670126621b5d0cb29ce6aedc61d3294847b6aa
-
SSDEEP
98304:lT9xxT5Rx8yDAVVrg7jGYM8UgpVdQnMEWYJcTJfzHbrgwcagUKtk3FuGYDsxdM+:rh8yQrWjGYM3iyMiwJfTHgvYwG5M+
Malware Config
Targets
-
-
Target
4071e34ff06960e5ab4c5b8ed926c326e42c93fdabb53873339f9070606c9f01.bin
-
Size
4.3MB
-
MD5
68106ad6b4a0c1417d2458027ed674f8
-
SHA1
6e21c3a25ffd0d5d4a40da8d1aab1efd3704b84b
-
SHA256
4071e34ff06960e5ab4c5b8ed926c326e42c93fdabb53873339f9070606c9f01
-
SHA512
2cf012e599b9c766a2cfe2c1bc0bf2335027f8850fb85ba5fb96eefed84f8947effa8a02915267525de48a310c670126621b5d0cb29ce6aedc61d3294847b6aa
-
SSDEEP
98304:lT9xxT5Rx8yDAVVrg7jGYM8UgpVdQnMEWYJcTJfzHbrgwcagUKtk3FuGYDsxdM+:rh8yQrWjGYM3iyMiwJfTHgvYwG5M+
Score10/10-
Android SoumniBot payload
-
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-