Overview

overview

10

Static

static

6

ec72e22032...a5.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec72e22032c926718c519fe2651cbd12c44fbb0a4c950ae39db87158b065eaa5.bin

  • Size

    4.3MB

  • Sample

    241017-179drazdqc

  • MD5

    fd1e030e8af69cfe80f76b99eec9ff2b

  • SHA1

    de59b675c8f1b97c9c4124a11321bda898a79951

  • SHA256

    ec72e22032c926718c519fe2651cbd12c44fbb0a4c950ae39db87158b065eaa5

  • SHA512

    d78f04375ee3325e76b980fd6bf9a53815bad0cc8cd888bb816bd0b88dd62fc028d0c8544f43a114c10d343bd4120a7cc161459feecfebf8d21a4c31755ccf96

  • SSDEEP

    98304:L9xxHYx8/DAVQbtbDxXt8V5OHtGjOJUMOJkM4RZoXp1w1//pdcU:JC8/jbtbDxXt8+HtG6iMnM4W1wxcU

Score
10/10
soumnibotandroidbankerdiscoveryevasioninfostealertrojan

Malware Config

Targets

    • Target

      ec72e22032c926718c519fe2651cbd12c44fbb0a4c950ae39db87158b065eaa5.bin

    • Size

      4.3MB

    • MD5

      fd1e030e8af69cfe80f76b99eec9ff2b

    • SHA1

      de59b675c8f1b97c9c4124a11321bda898a79951

    • SHA256

      ec72e22032c926718c519fe2651cbd12c44fbb0a4c950ae39db87158b065eaa5

    • SHA512

      d78f04375ee3325e76b980fd6bf9a53815bad0cc8cd888bb816bd0b88dd62fc028d0c8544f43a114c10d343bd4120a7cc161459feecfebf8d21a4c31755ccf96

    • SSDEEP

      98304:L9xxHYx8/DAVQbtbDxXt8V5OHtGjOJUMOJkM4RZoXp1w1//pdcU:JC8/jbtbDxXt8+HtG6iMnM4W1wxcU

    Score
    10/10
    soumnibotbankerdiscoveryevasioninfostealertrojan

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

      trojaninfostealerbankersoumnibot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks