Overview

overview

10

Static

static

10

d5f2e9d300...f0.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    27/03/2025, 22:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0.apk

  • Size

    2.6MB

  • MD5

    2fd9fefa92b0f0b0d1dcac7beb4374b7

  • SHA1

    bd1756a2a2bf4c13e5800b4de157eacfdf538fc1

  • SHA256

    d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0

  • SHA512

    187ce8ad2fe78202e47dd10e36eb7d42df15ff36e7f0bbadb7915be7f0b4bda10cc0d7cbfb741a1bf33cae22c18c00c20d085b563219c074e5dd082f12375e6a

  • SSDEEP

    24576:d4m51+WtE0Tmv8iZ32NNl4jo29SD/mzONPJrpjhDpvVq5rKKPqXbl9FpGPg69nf7:+JWu0To2NI9SDjPHj3ONCjO

Score
10/10
soumnibotbankerdefense_evasionevasioninfostealertrojan

Malware Config

Signatures

  • Android SoumniBot payload 1 IoCs
  • SoumniBot

    SoumniBot is an Android banking trojan first seen in April 2024.

    trojaninfostealerbankersoumnibot
  • Soumnibot family
    soumnibot
  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
    defense_evasion

Processes

  • rgvk.ewpfver.welfdv
    1⤵
    • Loads dropped Dex/Jar
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4690

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/rgvk.ewpfver.welfdv/app_rgvk.ewpfver.welfdv.AAbaseZZ.AABaseApplicationZZ/newobfs/0.pobfs
    Filesize

    1.8MB

    MD5

    7ee51b48af5a90d9a9d4cfdda66a7dd6

    SHA1

    fc0b1eb14d57713c0317d92c5ec04b44411776a1

    SHA256

    3c1d79f373a3084cd39e386072391733fb1d62f8caba95bd2cbc1b3f052e5e8b

    SHA512

    fa5627ab9e269bc05c28948fef87081eb94fc7d67074f7a1c304ac035a2ee5423866b5b96d10d86505c94a36ed867fb8785691a4cd8f9dc93119a1cdd000bd22

    Download Submit