Analysis
max time kernel: 3s
max time network: 136s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 22-12-2024 22:06
Behavioral task: behavioral1
Sample: b3316495c827454bfd84b00013a336f94a939ef4e0fa589e66e460130347f9aa.apk
Resource: android-x86-arm-20240624-en
General
Target: b3316495c827454bfd84b00013a336f94a939ef4e0fa589e66e460130347f9aa.apk
Size: 2.5MB
Malware Config
Signatures
Android SoumniBot payload (1 IoCs)
resource: behavioral1/memory/4262-0.dex; yara_rule: family_soumnibot
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
Soumnibot family
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
ioc: Anonymous-DexFile@0xd2cae000-0xd2e7fab8; pid: 4262; Process: com.yxhuiueaon.xnniiaauin
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
125KB
-
Filesize
1.8MB