Overview

overview

10

Static

static

6

a4b08cbacf...b8.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4b08cbacf079c8aee6d3cf7855bac5e83368942a52ac2c081234ff685bfefb8.bin

  • Size

    4.3MB

  • Sample

    241012-1yxnlatekf

  • MD5

    2a0dabd9682b2569190f364a02b485f1

  • SHA1

    3b1dd7031f82da48f12537f665a14892583ce466

  • SHA256

    a4b08cbacf079c8aee6d3cf7855bac5e83368942a52ac2c081234ff685bfefb8

  • SHA512

    c89b0aa8f2d457106b20a3df82393a94fa3ef4d694975a5065bbadd8c0e6c070b3f4cbf41d024e72944c5492529e2731464219a5fe6194cc8f0a94a48a9c1cac

  • SSDEEP

    98304:u9xxm5x8sDAVEY/ySUBoO8zA4WF7+Mp+HtA/Ljz4H3nY1inWTgrdx:/T8s/Y/ySU5DF6DIzUeiBBx

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealertrojan

Malware Config

Targets

    • Target

      a4b08cbacf079c8aee6d3cf7855bac5e83368942a52ac2c081234ff685bfefb8.bin

    • Size

      4.3MB

    • MD5

      2a0dabd9682b2569190f364a02b485f1

    • SHA1

      3b1dd7031f82da48f12537f665a14892583ce466

    • SHA256

      a4b08cbacf079c8aee6d3cf7855bac5e83368942a52ac2c081234ff685bfefb8

    • SHA512

      c89b0aa8f2d457106b20a3df82393a94fa3ef4d694975a5065bbadd8c0e6c070b3f4cbf41d024e72944c5492529e2731464219a5fe6194cc8f0a94a48a9c1cac

    • SSDEEP

      98304:u9xxm5x8sDAVEY/ySUBoO8zA4WF7+Mp+HtA/Ljz4H3nY1inWTgrdx:/T8s/Y/ySU5DF6DIzUeiBBx

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealertrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks