General

  • Target

    f7bfb1fb5e20a0febb56ff4a2205416bcaf69a4b9f27064cde0f6e9909372a86.bin

  • Size

    2.6MB

  • Sample

    250403-11m7yavwdy

  • MD5

    8d273d8229ecd9d76cf7bda9e56c2737

  • SHA1

    85b058743092146942a819917aa477f3b383e93e

  • SHA256

    f7bfb1fb5e20a0febb56ff4a2205416bcaf69a4b9f27064cde0f6e9909372a86

  • SHA512

    e97b05b440e81fcaa83c91a881c757aa9bd72f02ba6559e16a79087809d0d4c99c564a88096a7ac71c208eb9ecc5a4206176ae2464385846915986b910a09356

  • SSDEEP

    24576:Z4m51+WtE0GCCe9NR5QNf2caFEd+hpUS3Zkr/1yaumJ8n0n6J4Y5aDH:CJWu0GC3BlC+ky+JmI

Malware Config

Targets

    • Target

      f7bfb1fb5e20a0febb56ff4a2205416bcaf69a4b9f27064cde0f6e9909372a86.bin

    • Size

      2.6MB

    • MD5

      8d273d8229ecd9d76cf7bda9e56c2737

    • SHA1

      85b058743092146942a819917aa477f3b383e93e

    • SHA256

      f7bfb1fb5e20a0febb56ff4a2205416bcaf69a4b9f27064cde0f6e9909372a86

    • SHA512

      e97b05b440e81fcaa83c91a881c757aa9bd72f02ba6559e16a79087809d0d4c99c564a88096a7ac71c208eb9ecc5a4206176ae2464385846915986b910a09356

    • SSDEEP

      24576:Z4m51+WtE0GCCe9NR5QNf2caFEd+hpUS3Zkr/1yaumJ8n0n6J4Y5aDH:CJWu0GC3BlC+ky+JmI

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

MITRE ATT&CK Mobile v15

Tasks