Analysis
-
max time kernel
1s -
max time network
150s -
platform
android-13_x64 -
resource
android-33-x64-arm64-20240910-en -
resource tags
arch:arm64 arch:x64 arch:x86 image:android-33-x64-arm64-20240910-en locale:en-us os:android-13-x64 system -
submitted
08-11-2024 22:47
Behavioral task
behavioral1
Sample
b5347714c46a9c3b6eb2100847f7c431580920b59262f9bced6439a9f37e8e53.apk
Resource
android-33-x64-arm64-20240910-en
General
-
Target
b5347714c46a9c3b6eb2100847f7c431580920b59262f9bced6439a9f37e8e53.apk
-
Size
2.1MB
-
MD5
bc73b0ff59b059700983d97c09655b67
-
SHA1
c68cacf0a26c1982dd2efd62745c32ff7193c9e7
-
SHA256
b5347714c46a9c3b6eb2100847f7c431580920b59262f9bced6439a9f37e8e53
-
SHA512
a1e1bd39178381456213979b1fc443e1697be8f514ccacd51560df78c9309f088154947c655824136d5991f001510d0d667c1bd41465ebd8a9d326d19ceb5683
-
SSDEEP
24576:z17U/5iAWYxQBgcXCc/aei7YRF9jIO/ZBsYWha4m51+WtE0rTsDMI4gS571eY:x7U/SmkzPC8NsQjsYCJWu0rTPgS5Jp
Malware Config
Signatures
-
Android SoumniBot payload 1 IoCs
resource yara_rule
behavioral1/memory/4512-0.dex family_soumnibot -
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
-
Soumnibot family
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
ioc pid Process
/data/user/0/lrb3b.bwonb.y_pyz/[email protected] 4512 lrb3b.bwonb.y_pyz
/data/user/0/lrb3b.bwonb.y_pyz/[email protected] 4512 lrb3b.bwonb.y_pyz
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
226KB
MD5 5107dfedd09395af41fb9eed0a945fa0
SHA1 cd00d76fb6ea1395c86a130058102fa164c8cb0a
SHA256 b18f5f324b7b8af370156949098be6c48d20ab05475203ec84a980a058563d95
SHA512 9d22986ad1ce3e21696584fcdb4214db1e2811bee008fe8fa4b57ca2517604db35522266480e98705446e4aedbb72a95c89ae7046560ceed200893ec185957d3
-
/data/data/lrb3b.bwonb.y_pyz/oat/x86_64/[email protected]
Filesize 61KB
MD5 7fc525a828e2a32822d17d85a0850dd7
SHA1 4ca28d6e003d159dab26cb7a43d9ea9ddeddb9c9
SHA256 6164772b03d3e1029fa76e34cc72b5e3aff4ea588593e92f6a570c7614a9a6e4
SHA512 2f1e917935f9f60005585d89a551631398d631a3ee4f86dc7c3a393d94a2a0e65b3f8ac1339092125ea1988d2f226451d962f2683c5749511d2ea439ce48ecb7
-
/data/user/0/lrb3b.bwonb.y_pyz/[email protected]
Filesize 2.2MB
MD5 ce298c6a222731c0540b5540251f8dd4
SHA1 0f744658749bd3f0590adcf1aa7981ecc45515f0
SHA256 8f9200a59ac4bac2093831316f197538575f238d4f6d311f985c25c0eb521ef4
SHA512 8a6bd10ab8b72ce46ed4900c310458e579155e157213c5c91d9610977c6963f39c9466ae609ec707daad825de057f418d667988d712a410d30eb8d6dcc038738