soumnibot | 1ebce88fd9ed81307999d103ecfc34c2b496aaea197b6cb3be9d3f0c58923000 | Triage

Sharing

General

Target

1ebce88fd9ed81307999d103ecfc34c2b496aaea197b6cb3be9d3f0c58923000.bin
Size

4.3MB
Sample

241011-14metawhnh
MD5

1382eb0d9cce4223566c43d6fd5d819f
SHA1

a66e58e07af419cf02ea48b89be1fa94b9365747
SHA256

1ebce88fd9ed81307999d103ecfc34c2b496aaea197b6cb3be9d3f0c58923000
SHA512

9ff49d1952258fb1a01b6ac9cf22e5b3e7d986d5b226863dd4f80b3456b8034ee127e1d717dbb719930565408deea28e9ddc60d07e0769159ade30d8e3c7eb25
SSDEEP

98304:GP9xxsnMx8UDAVJGXfgQ+oQVpcjRUoxrn6wQn7g0dTeEkC1/4bE2VWrcynAXJTdx:Nne8UCGoQ+oUqlUcf+7GEkCIEMWhAXx

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  1ebce88fd9ed81307999d103ecfc34c2b496aaea197b6cb3be9d3f0c58923000.bin
- Size
  
  4.3MB
- MD5
  
  1382eb0d9cce4223566c43d6fd5d819f
- SHA1
  
  a66e58e07af419cf02ea48b89be1fa94b9365747
- SHA256
  
  1ebce88fd9ed81307999d103ecfc34c2b496aaea197b6cb3be9d3f0c58923000
- SHA512
  
  9ff49d1952258fb1a01b6ac9cf22e5b3e7d986d5b226863dd4f80b3456b8034ee127e1d717dbb719930565408deea28e9ddc60d07e0769159ade30d8e3c7eb25
- SSDEEP
  
  98304:GP9xxsnMx8UDAVJGXfgQ+oQVpcjRUoxrn6wQn7g0dTeEkC1/4bE2VWrcynAXJTdx:Nne8UCGoQ+oUqlUcf+7GEkCIEMWhAXx
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan