soumnibot | 454cc2043cae5bf50a3cdf758ea0e1148c85580ed3fe9659da5d420f111ef65e | Triage

Sharing

General

Target

454cc2043cae5bf50a3cdf758ea0e1148c85580ed3fe9659da5d420f111ef65e.bin
Size

4.0MB
Sample

240911-11dnhawcmf
MD5

735f57ad92379cc5459400ca8318ef4e
SHA1

f49b0d5e9abc4faa9b54b833eda9313d299eaeb7
SHA256

454cc2043cae5bf50a3cdf758ea0e1148c85580ed3fe9659da5d420f111ef65e
SHA512

46b06964d6fb184ee7356118aae941167c208f8999d8192c29ac6780646bf0f370496bc81598ada7e38d0355f987cf78bb46ec1231564a586aab2ce41553ee0d
SSDEEP

98304:2D481GLZ2DeYDjbbF/x+Xb2mCUbXWoxjrrLyN:2081DPfFoNCUbXWayN

Score

10^/10

soumnibot android banker discovery evasion infostealer persistence trojan

Malware Config

Targets

- Target
  
  454cc2043cae5bf50a3cdf758ea0e1148c85580ed3fe9659da5d420f111ef65e.bin
- Size
  
  4.0MB
- MD5
  
  735f57ad92379cc5459400ca8318ef4e
- SHA1
  
  f49b0d5e9abc4faa9b54b833eda9313d299eaeb7
- SHA256
  
  454cc2043cae5bf50a3cdf758ea0e1148c85580ed3fe9659da5d420f111ef65e
- SHA512
  
  46b06964d6fb184ee7356118aae941167c208f8999d8192c29ac6780646bf0f370496bc81598ada7e38d0355f987cf78bb46ec1231564a586aab2ce41553ee0d
- SSDEEP
  
  98304:2D481GLZ2DeYDjbbF/x+Xb2mCUbXWoxjrrLyN:2081DPfFoNCUbXWayN
Score

10^/10

soumnibot banker discovery evasion infostealer persistence trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealerpersistencetrojan