soumnibot | 08f1f21bcc53d89117a92075a6f99b2738d77964a1231431518bb93b0a644ea3 | Triage

Sharing

General

Target

08f1f21bcc53d89117a92075a6f99b2738d77964a1231431518bb93b0a644ea3.bin
Size

4.3MB
Sample

241011-14p6pswhpe
MD5

1bfd3f22cd833b36b52eda6b8d1e1cc0
SHA1

daaaab0449e02bb4128ec8ff9f98f35471f31b58
SHA256

08f1f21bcc53d89117a92075a6f99b2738d77964a1231431518bb93b0a644ea3
SHA512

b1ab0c1fbffcb619d66e77276ca43f77f4e5dca222abbe23d1c19211568247bfd4d5876e1806685ed8c4231d0de79b876fcf7e0c85c4c1ac4e87f8d9e32bc7c1
SSDEEP

98304:m59xx0qx81DAV1tWV5J1qovcjrVykuN1/8xK8jV1WjBivXLxJsMd3:ts816tWVP1o/UNJUMjyXLLsI3

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  08f1f21bcc53d89117a92075a6f99b2738d77964a1231431518bb93b0a644ea3.bin
- Size
  
  4.3MB
- MD5
  
  1bfd3f22cd833b36b52eda6b8d1e1cc0
- SHA1
  
  daaaab0449e02bb4128ec8ff9f98f35471f31b58
- SHA256
  
  08f1f21bcc53d89117a92075a6f99b2738d77964a1231431518bb93b0a644ea3
- SHA512
  
  b1ab0c1fbffcb619d66e77276ca43f77f4e5dca222abbe23d1c19211568247bfd4d5876e1806685ed8c4231d0de79b876fcf7e0c85c4c1ac4e87f8d9e32bc7c1
- SSDEEP
  
  98304:m59xx0qx81DAV1tWV5J1qovcjrVykuN1/8xK8jV1WjBivXLxJsMd3:ts816tWVP1o/UNJUMjyXLLsI3
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan