soumnibot | 5f39f5f6c699c46dfcc5493d4ab21990be5d9e2514963a23b650235b7ecfaf2b | Triage

Sharing

General

Target

5f39f5f6c699c46dfcc5493d4ab21990be5d9e2514963a23b650235b7ecfaf2b.bin
Size

4.3MB
Sample

241012-1yw23axhrl
MD5

1b4234423265834490a2bddf4e2657dc
SHA1

5c3dd46572df5b9ef2b8bf8cbc256879b11e1e28
SHA256

5f39f5f6c699c46dfcc5493d4ab21990be5d9e2514963a23b650235b7ecfaf2b
SHA512

77dee2320acc0c478939778401bdd9ec943ee953e31a9105e7b5dcb15e95751268a6de59e968e5cbff4af6a6859f24a5f833759f48cd48f01eb03d25515e04ae
SSDEEP

98304:19xxHhx8DDAVXqkuQHd7VrGByesqiQFLTv+FMmgN4D3Wo3Jk86EojZM9ndwiHgdc:T78D4qrQ9Ji6p8L7+FzDtZk86ZZEwi8c

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  5f39f5f6c699c46dfcc5493d4ab21990be5d9e2514963a23b650235b7ecfaf2b.bin
- Size
  
  4.3MB
- MD5
  
  1b4234423265834490a2bddf4e2657dc
- SHA1
  
  5c3dd46572df5b9ef2b8bf8cbc256879b11e1e28
- SHA256
  
  5f39f5f6c699c46dfcc5493d4ab21990be5d9e2514963a23b650235b7ecfaf2b
- SHA512
  
  77dee2320acc0c478939778401bdd9ec943ee953e31a9105e7b5dcb15e95751268a6de59e968e5cbff4af6a6859f24a5f833759f48cd48f01eb03d25515e04ae
- SSDEEP
  
  98304:19xxHhx8DDAVXqkuQHd7VrGByesqiQFLTv+FMmgN4D3Wo3Jk86EojZM9ndwiHgdc:T78D4qrQ9Ji6p8L7+FzDtZk86ZZEwi8c
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan