General

  • Target

    f636b31d60db339f6f25414d30ad5dff1d61c888583bdea5f345e11680a83562.bin

  • Size

    4.6MB

  • Sample

    250403-1zw4fsxnv9

  • MD5

    0f1d58d82c7697426e131a5ea69f2332

  • SHA1

    e559378be62d6e0ba7d67eec88b0c97b88867576

  • SHA256

    f636b31d60db339f6f25414d30ad5dff1d61c888583bdea5f345e11680a83562

  • SHA512

    7d7ed3d25adf1f85d7bbf18a6deb943c624358cec062e8734e063649a590d7ab4618e69fc129e45dfb545e89c28a1d73048d3e86fa4f23fb712d6589c64504bc

  • SSDEEP

    49152:vAJWu04F3r8PtLxej5aC1dGuK9wZdR5KmUS1wX:YcHmFdVK9wZ/5K3X

Targets

    • Android SoumniBot payload

    • SoumniBot

      SoumniBot is an Android banking trojan first seen in April 2024.

    • Soumnibot family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
