soumnibot | 6614421c0602fdb03ecc3a246ca4c92407ed1d3e0a07c211684a8b6d3133610e | Triage

Sharing

General

Target

6614421c0602fdb03ecc3a246ca4c92407ed1d3e0a07c211684a8b6d3133610e.bin
Size

4.4MB
Sample

240621-3ve1gswepb
MD5

9faef2c74b83e6a46573cc7b4b57dce7
SHA1

d6718b8216a996bc4bc1998760291f2014304f2d
SHA256

6614421c0602fdb03ecc3a246ca4c92407ed1d3e0a07c211684a8b6d3133610e
SHA512

bc11d8b29e4adff651cac962c2558a5b9f8ff99712c49e7627180c0918b8de0ad18adea0f21b557344a242a369151ba47c42efce74e0645c6407d54801d9bc0d
SSDEEP

98304:XugHWZVJRaJmV4kKke8O0kWV7X/ZFyniGs3P/BF/AP2Zr99:lWnahNfS7RsiGs3P7/B

Score

10^/10

soumnibot android banker collection credential_access evasion impact infostealer trojan

Malware Config

Targets

- Target
  
  6614421c0602fdb03ecc3a246ca4c92407ed1d3e0a07c211684a8b6d3133610e.bin
- Size
  
  4.4MB
- MD5
  
  9faef2c74b83e6a46573cc7b4b57dce7
- SHA1
  
  d6718b8216a996bc4bc1998760291f2014304f2d
- SHA256
  
  6614421c0602fdb03ecc3a246ca4c92407ed1d3e0a07c211684a8b6d3133610e
- SHA512
  
  bc11d8b29e4adff651cac962c2558a5b9f8ff99712c49e7627180c0918b8de0ad18adea0f21b557344a242a369151ba47c42efce74e0645c6407d54801d9bc0d
- SSDEEP
  
  98304:XugHWZVJRaJmV4kKke8O0kWV7X/ZFyniGs3P/BF/AP2Zr99:lWnahNfS7RsiGs3P7/B
Score

10^/10

soumnibot banker collection credential_access evasion impact infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

behavioral2

soumnibotbankercollectioncredential_accessevasionimpactinfostealertrojan