Overview

overview

10

Static

static

6

a9bc191a2d...e7.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9bc191a2dc31af00bd2ef15dcc6181f231ea29013b35328554cf7f7ec13bae7.bin

  • Size

    4.3MB

  • Sample

    241012-1y1egstelc

  • MD5

    a60e3e57ca8d639b842b43061cc4a728

  • SHA1

    b6a509469db7b2ca3dc79538dcde562f335d8f98

  • SHA256

    a9bc191a2dc31af00bd2ef15dcc6181f231ea29013b35328554cf7f7ec13bae7

  • SHA512

    e8c04ce7853279851f5ec9044b3a7ca55bb0b981d2cbe289bfc028b3575b10f4c1a53032732ecea5e97689f4b500d7fbb2dc0a825577a19f679e69f39b639f9b

  • SSDEEP

    98304:49xx0t9x86DAVmYxLlFmk9OZqg4N10K03smAPr7aRmbc09IdpM:bp86zYUk9YP4NuKbr7aR4lkpM

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealertrojan

Malware Config

Targets

    • Target

      a9bc191a2dc31af00bd2ef15dcc6181f231ea29013b35328554cf7f7ec13bae7.bin

    • Size

      4.3MB

    • MD5

      a60e3e57ca8d639b842b43061cc4a728

    • SHA1

      b6a509469db7b2ca3dc79538dcde562f335d8f98

    • SHA256

      a9bc191a2dc31af00bd2ef15dcc6181f231ea29013b35328554cf7f7ec13bae7

    • SHA512

      e8c04ce7853279851f5ec9044b3a7ca55bb0b981d2cbe289bfc028b3575b10f4c1a53032732ecea5e97689f4b500d7fbb2dc0a825577a19f679e69f39b639f9b

    • SSDEEP

      98304:49xx0t9x86DAVmYxLlFmk9OZqg4N10K03smAPr7aRmbc09IdpM:bp86zYUk9YP4NuKbr7aR4lkpM

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealertrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks