soumnibot | 62acd5f13c53554bb416ca655ab20128b4b740f84264d69055446125276e66c7 | Triage

Sharing

General

Target

62acd5f13c53554bb416ca655ab20128b4b740f84264d69055446125276e66c7.bin
Size

2.4MB
Sample

240717-1y9yxs1fqk
MD5

cba8f182e007bb9e629abbbabeb00f84
SHA1

55419e7d2cf279fbfa892bb0853575136d9bda71
SHA256

62acd5f13c53554bb416ca655ab20128b4b740f84264d69055446125276e66c7
SHA512

9f2390819c2d5ae266524e0430ca15d5012fda419c25cab593e8a78053239a3545a4ae3f253730ff0f5c2d57b93e633c2f23b1940d0ca011433ab5a8ea242409
SSDEEP

49152:52J2pd8k24m+tQzoeJcnM3RYtXwfO2h812TIUny/JWu0r0OwS:fpd8kV4c+cMBuXwm2h812TNny/cIO

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  62acd5f13c53554bb416ca655ab20128b4b740f84264d69055446125276e66c7.bin
- Size
  
  2.4MB
- MD5
  
  cba8f182e007bb9e629abbbabeb00f84
- SHA1
  
  55419e7d2cf279fbfa892bb0853575136d9bda71
- SHA256
  
  62acd5f13c53554bb416ca655ab20128b4b740f84264d69055446125276e66c7
- SHA512
  
  9f2390819c2d5ae266524e0430ca15d5012fda419c25cab593e8a78053239a3545a4ae3f253730ff0f5c2d57b93e633c2f23b1940d0ca011433ab5a8ea242409
- SSDEEP
  
  49152:52J2pd8k24m+tQzoeJcnM3RYtXwfO2h812TIUny/JWu0r0OwS:fpd8kV4c+cMBuXwm2h812TNny/cIO
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan