General
-
Target
2be52ceb5cd51bb7041d131a15c2aeb899cd4b0e7f0835393c4381b8611e0840.bin
-
Size
3.4MB
-
Sample
250115-13phsaykgj
-
MD5
b2816f155b2f3be229e1296be0a372f3
-
SHA1
e1b981e6b71fa17ca632feb6b4b43483c5e96bea
-
SHA256
2be52ceb5cd51bb7041d131a15c2aeb899cd4b0e7f0835393c4381b8611e0840
-
SHA512
81c3a19f1383ef44e6711ed6f67e50332a0a8bc37352e1a5ba4d38a5eaf9684a6f1a21bf47dae81397b2fb88468be6d55e60c1f83eea5d65fcb68102ac30e7b0
-
SSDEEP
98304:oxfFFzxa+JUxO09bWjneBtQEWNP87hTvDT92AdGc9txoA:yFFz0+JUg0dvcP87R9nGzA
Malware Config
Targets
-
-
Target
2be52ceb5cd51bb7041d131a15c2aeb899cd4b0e7f0835393c4381b8611e0840.bin
-
Size
3.4MB
-
MD5
b2816f155b2f3be229e1296be0a372f3
-
SHA1
e1b981e6b71fa17ca632feb6b4b43483c5e96bea
-
SHA256
2be52ceb5cd51bb7041d131a15c2aeb899cd4b0e7f0835393c4381b8611e0840
-
SHA512
81c3a19f1383ef44e6711ed6f67e50332a0a8bc37352e1a5ba4d38a5eaf9684a6f1a21bf47dae81397b2fb88468be6d55e60c1f83eea5d65fcb68102ac30e7b0
-
SSDEEP
98304:oxfFFzxa+JUxO09bWjneBtQEWNP87hTvDT92AdGc9txoA:yFFz0+JUg0dvcP87R9nGzA
Score10/10-
Android SoumniBot payload
-
SoumniBot
SoumniBot is an Android banking trojan first seen in April 2024.
-
Soumnibot family
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-