Overview

overview

10

Static

static

6

1db6238391...42.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1db62383913af929524cc60e5efc660f2f5a0320ea27d85c96e436e3de33fe42.bin

  • Size

    4.3MB

  • Sample

    241011-14f8sswhmh

  • MD5

    f291a88e1994461726c0cc92c0670193

  • SHA1

    01599aa643b56c9717a026e48aa8bb086d181045

  • SHA256

    1db62383913af929524cc60e5efc660f2f5a0320ea27d85c96e436e3de33fe42

  • SHA512

    e55a3a0123a47cdd7f1de4744ca29512633c3d569042493e02a5b8722c6688c7e3adce2096db3955747e18e7b2dbb897a7f8f7b91c87451aa2118c5d8e6cb7c3

  • SSDEEP

    98304:o9xxQGnx82DAVOCHNO2w7LsDMZabrSHKWRuvtbFqF50Csv51dz:RGx82JCHYzBWSqBbFG52v5z

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealertrojan

Malware Config

Targets

    • Target

      1db62383913af929524cc60e5efc660f2f5a0320ea27d85c96e436e3de33fe42.bin

    • Size

      4.3MB

    • MD5

      f291a88e1994461726c0cc92c0670193

    • SHA1

      01599aa643b56c9717a026e48aa8bb086d181045

    • SHA256

      1db62383913af929524cc60e5efc660f2f5a0320ea27d85c96e436e3de33fe42

    • SHA512

      e55a3a0123a47cdd7f1de4744ca29512633c3d569042493e02a5b8722c6688c7e3adce2096db3955747e18e7b2dbb897a7f8f7b91c87451aa2118c5d8e6cb7c3

    • SSDEEP

      98304:o9xxQGnx82DAVOCHNO2w7LsDMZabrSHKWRuvtbFqF50Csv51dz:RGx82JCHYzBWSqBbFG52v5z

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealertrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks