soumnibot | 5cc99ff25c71eb8110a1666607516ed22d4d60ee5f8132b686106cf13b89742b | Triage

Sharing

General

Target

5cc99ff25c71eb8110a1666607516ed22d4d60ee5f8132b686106cf13b89742b.bin
Size

3.7MB
Sample

240729-1z443ashll
MD5

cffbbb44cd99b1e17b68c356893e65e7
SHA1

72e4f468e7fdbe9cc092167abc2c26aaa558da2e
SHA256

5cc99ff25c71eb8110a1666607516ed22d4d60ee5f8132b686106cf13b89742b
SHA512

c1e336002dbcdac4ed7bbbc8ec81401da91f841df335614c714cba5bc9c15592be0be347d5985ce7c8a56449332b58d68069cfd8912ac11d04714fbaa17d7d53
SSDEEP

98304:qNn8ILrA5ersLxc4DYjxsFwjig1cwB8TdTmer0P:qhcermm4Dfijizw6TdiTP

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  5cc99ff25c71eb8110a1666607516ed22d4d60ee5f8132b686106cf13b89742b.bin
- Size
  
  3.7MB
- MD5
  
  cffbbb44cd99b1e17b68c356893e65e7
- SHA1
  
  72e4f468e7fdbe9cc092167abc2c26aaa558da2e
- SHA256
  
  5cc99ff25c71eb8110a1666607516ed22d4d60ee5f8132b686106cf13b89742b
- SHA512
  
  c1e336002dbcdac4ed7bbbc8ec81401da91f841df335614c714cba5bc9c15592be0be347d5985ce7c8a56449332b58d68069cfd8912ac11d04714fbaa17d7d53
- SSDEEP
  
  98304:qNn8ILrA5ersLxc4DYjxsFwjig1cwB8TdTmer0P:qhcermm4Dfijizw6TdiTP
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan