soumnibot | 7b1d2827faea41382e4717bebdf19eff880f1f50215bd37557775c46a6e47110 | Triage

Sharing

General

Target

7b1d2827faea41382e4717bebdf19eff880f1f50215bd37557775c46a6e47110.bin
Size

2.4MB
Sample

241011-14r1aswhph
MD5

5ddc0ddaef97209ad34ec89baa62b79c
SHA1

5da9e7d0a09968c866edd4f3b0f576ffd294a712
SHA256

7b1d2827faea41382e4717bebdf19eff880f1f50215bd37557775c46a6e47110
SHA512

7b3f53778d591e918beca9b1aac648a95ff69afa63e909cfe3c6ca89b2eae9a04e5667c6fe4193ed8e73c35e4d25e9ecc69ac0ee1fe60198d167503aea4cd883
SSDEEP

49152:9JWu0DdVXgS6CzFz19dDjEogprGqq4HaPklJDNUnwUeR:9cDmCzrVgAqjaML+nwUy

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  7b1d2827faea41382e4717bebdf19eff880f1f50215bd37557775c46a6e47110.bin
- Size
  
  2.4MB
- MD5
  
  5ddc0ddaef97209ad34ec89baa62b79c
- SHA1
  
  5da9e7d0a09968c866edd4f3b0f576ffd294a712
- SHA256
  
  7b1d2827faea41382e4717bebdf19eff880f1f50215bd37557775c46a6e47110
- SHA512
  
  7b3f53778d591e918beca9b1aac648a95ff69afa63e909cfe3c6ca89b2eae9a04e5667c6fe4193ed8e73c35e4d25e9ecc69ac0ee1fe60198d167503aea4cd883
- SSDEEP
  
  49152:9JWu0DdVXgS6CzFz19dDjEogprGqq4HaPklJDNUnwUeR:9cDmCzrVgAqjaML+nwUy
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan