General

  • Target

    c61fc2292d27ee5ba346bf16c4b9972271962b39018d404d3976d4dda2c84360.bin

  • Size

    2.6MB

  • Sample

    250403-11gp6axny3

  • MD5

    6afe6226efb9a1b94e678ad89fc71fac

  • SHA1

    4d4713f81ab85b54e28946957d0e8aa1ac154d68

  • SHA256

    c61fc2292d27ee5ba346bf16c4b9972271962b39018d404d3976d4dda2c84360

  • SHA512

    bbef5b5f337cf93f0dc0c0c70e3fd52de5401c04276ae71b740389f1989f35530620a91c5b509830d4ac0616c1dd987c9e9e56b16123178a80f4f71495372f33

  • SSDEEP

    24576:c4m51+WtE0l7YXH94otRdb8hDlXKYP5FOFZWlsnYgfoC+Fi:rJWu0l7I/YPWWinYpC+c

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
