General

  • Target

    116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8.bin

  • Size

    4.5MB

  • Sample

    250403-123n1sxpv8

  • MD5

    04fd1eea3da308190c90db6605e27f41

  • SHA1

    a2d3244120aab2a12247d3930679ea45db16f80e

  • SHA256

    116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8

  • SHA512

    c8e40b4b3a3c1a02c55de62f167a2c5e3b5197f3daf403158356ad6cb41510348b7e20777f3de110746ffcbe4b15aa2632f4d5f898467a0c05948d6a63a3a8d8

  • SSDEEP

    49152:0JWu0kCiSbSjQC3G3FbERkk8EWo8Q3mXX:0c6S+QZERkktiX

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
