soumnibot | 09eb8f0de5f1f0c10ddbe76532f22149e15112858c153f942d75b2d32c25b127 | Triage

Sharing

General

Target

09eb8f0de5f1f0c10ddbe76532f22149e15112858c153f942d75b2d32c25b127.bin
Size

4.3MB
Sample

241011-14qr8s1fmp
MD5

0bc28a430a3eb7b94be4e6854cdd5fc0
SHA1

69266b9b8eb7d7544a7f3efa703b2bf37903b914
SHA256

09eb8f0de5f1f0c10ddbe76532f22149e15112858c153f942d75b2d32c25b127
SHA512

991cd3ede895244f23146cdae8ffaef428d7ec49e4cfcf2354761387d4aa7199b160174bba04af6a400090b290a721c47f493a5a8b558374b6f535910dc27e07
SSDEEP

98304:o9LxQCx8CDAVwiaIeF3arLvzQ0zzymwTSJ7x2orSB4d38:Fk8CTiaoLz/zzymWSJ7s638

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  09eb8f0de5f1f0c10ddbe76532f22149e15112858c153f942d75b2d32c25b127.bin
- Size
  
  4.3MB
- MD5
  
  0bc28a430a3eb7b94be4e6854cdd5fc0
- SHA1
  
  69266b9b8eb7d7544a7f3efa703b2bf37903b914
- SHA256
  
  09eb8f0de5f1f0c10ddbe76532f22149e15112858c153f942d75b2d32c25b127
- SHA512
  
  991cd3ede895244f23146cdae8ffaef428d7ec49e4cfcf2354761387d4aa7199b160174bba04af6a400090b290a721c47f493a5a8b558374b6f535910dc27e07
- SSDEEP
  
  98304:o9LxQCx8CDAVwiaIeF3arLvzQ0zzymwTSJ7x2orSB4d38:Fk8CTiaoLz/zzymWSJ7s638
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan