General

  • Target

    6e6393dd8232207c08c34ce63352be9fb21153fcf918b204c745403b6ff33764.bin

  • Size

    2.6MB

  • Sample

    250403-124lbavwh1

  • MD5

    035165aee89c1ec2dbd090ec8d28152a

  • SHA1

    7eec3eedb39e4e41b250b841f81e68510e00bac6

  • SHA256

    6e6393dd8232207c08c34ce63352be9fb21153fcf918b204c745403b6ff33764

  • SHA512

    8fa76d73d84d6dd06bbebeea7d581f0fe4e2413a71ec1f87173a20db95c114a32078a0e30cd210b89daf91a6b03aab958223c600bb0e2436d423cd6222d01fea

  • SSDEEP

    24576:I4m51+WtE0OH8/4YtSjcGjsqr51btTQBWT6UaviDD5vCp6x:vJWu0OgSIGVrf6Wu5viZvCpm

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
