General

  • Target

    1c38aab04f9a90b1948648c1a9882ee97d8335d7238e1a379d45023fff8c3a94.bin

  • Size

    2.6MB

  • Sample

    250403-1zdbcavvhs

  • MD5

    bb2396418a8bbc7f0a498b6ab1b51c80

  • SHA1

    5ecdd10e6b127aee65e5b4e2938fa77fe40403bd

  • SHA256

    1c38aab04f9a90b1948648c1a9882ee97d8335d7238e1a379d45023fff8c3a94

  • SHA512

    2bb6e89f31ed24f332b6d5e7723ea2695bf44053a3c4f968b184e221a227bed54788d3aac0f37ee6ecf444cbd0424c2ddf2108db9006aa80bc7d486baee3fa46

  • SSDEEP

    24576:NoAB4m51+WtE0vc2tAsuVwnwANMOl21G8yxmGnPATC2Mk:yAaJWu0YVaadyaC2F

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • SoumniBot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
