General

  • Target

    4a15439331f615179a822d19997d1ec5df93c6cc0ca5802f33fe699f9a830253.bin

  • Size

    2.6MB

  • Sample

    250403-11214axn14

  • MD5

    25dbfc77ee452f2366ad220718846608

  • SHA1

    0ec12fa86cdea7b6bc8ec36cfffef5bdb843781d

  • SHA256

    4a15439331f615179a822d19997d1ec5df93c6cc0ca5802f33fe699f9a830253

  • SHA512

    5b5dd2060cacb114bd21eb479b8304f326a88c069a229d6ba627d97a27b492ccb562b31cdd7fc1595452b8fe2c03b461d3ed3555d1f78991994b58c57b6a323a

  • SSDEEP

    24576:Lf4m51+WtE0K24sCMi+mouORWSzrOh984wOn++HoW1xjV0KifXLCkhw:LAJWu08sChLwO+WDjV0KobCk2

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
