Analysis
max time kernel: 1s
max time network: 150s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 16-12-2024 22:07
Behavioral task: behavioral1
Sample: f86d588d3091b2a195c417c6c56e0a49eb06a6d679e208cf8d0fd0476b43e02e.apk
Resource: android-33-x64-arm64-20240910-en
General
Target: f86d588d3091b2a195c417c6c56e0a49eb06a6d679e208cf8d0fd0476b43e02e.apk
Size: 2.1MB
MD5: e35a905312362b90b083e559f7eb38bf
SHA1: bfed1d2c169c8919e7ead94653828011c52345e4
SHA256: f86d588d3091b2a195c417c6c56e0a49eb06a6d679e208cf8d0fd0476b43e02e
SHA512: 1addb2678fd0d41b36a8e50679ce0c5f2cee77f4a16764c14a05d2114421d10c4941b5aaedd7a6da2436118bf713b8a55a13fbe134f6e37044ce949546043506
SSDEEP: 49152:kgS0rigGhgciEbYfgXNMk+3rLt4OHvlmxMOJ:Lrig8FikYfKGkwrB9drOJ
Malware Config
Signatures
Android SoumniBot payload (1 IoC)
  resource: behavioral1/memory/4463-0.dex    yara_rule: family_soumnibot
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
Soumnibot family
Loads dropped Dex/Jar (1 TTP, 2 IoCs)
Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/tv8x6.gdd5v.fjyi0/[email protected]    pid: 4463    process: tv8x6.gdd5v.fjyi0
  ioc: /data/user/0/tv8x6.gdd5v.fjyi0/[email protected]    pid: 4463    process: tv8x6.gdd5v.fjyi0
Network
MITRE ATT&CK Mobile v15
Downloads
Filesize: 226KB
MD5: dbf6186a7e1151fb8287fd7e34e735c4
SHA1: 70805ef97d21e8eb80965750f4679f4af212dd85
SHA256: 35de124826257236a8788c1903459b04f698602a128530f6735d33836ac9cccf
SHA512: c30ffac26d9ae72619c88d0cb90212ceb3fe6884dc4013b391ae86c78257843c2229559c74e98bc664119731d2d0d41eb90170af52f65fcb154e6295e093e1c0

/data/data/tv8x6.gdd5v.fjyi0/oat/x86_64/[email protected]
Filesize: 61KB
MD5: 0c386d281bdb9fe869c1728016e7e619
SHA1: 983974afa8f00f3fe505539087ae3c9fb863edcf
SHA256: 2c7ea60443dbf742db26efb647291de1861ec2f82ff95db7eb45504989bee865
SHA512: 3c0a4813ed7baa268d887a4e53066cad396ddeea651d8608cf64f584517d0b4d5ad797665d505143298b6b5f92ae27439b32d06ff4df01ec7d059c02c310008c

/data/user/0/tv8x6.gdd5v.fjyi0/[email protected]
Filesize: 2.2MB
MD5: 281a6c9f1635f984a34b196ad2889518
SHA1: e326635dbc79ac3d6ea3ef451d8d1d20b8b53cc8
SHA256: 42f282141a4bbbb9fe3ac437aa323ea41f0d6dcdb7949826213e680efdfef61f
SHA512: daaae11fa52d006c5f22d20f0e3042bd9f73157833cc72893fafba107033e67323666d0b3a35db436f6bd3f2b429c152eb4bc0bc0d5beccbd263264c223b7d1a