soumnibot | 8cbe4de4efe567f82cd9b9f3e8ae17d16358ea75b922e8751a3a10041ba2a86c | Triage

Sharing

General

Target

8cbe4de4efe567f82cd9b9f3e8ae17d16358ea75b922e8751a3a10041ba2a86c.bin
Size

4.3MB
Sample

241012-1yykwsxhrn
MD5

bb674fd9f2770871b428df68361aa6e8
SHA1

a254845f45d8d61978e55b3234d4804cee1f4c99
SHA256

8cbe4de4efe567f82cd9b9f3e8ae17d16358ea75b922e8751a3a10041ba2a86c
SHA512

e87c8970d358e420fed807b28f3a2b2aea8df501a19cdfc509ad1b768ad0ba304e0b847c3e3b073b5c8dc650b63c0914b6f23dadbd46a08058e62626c183213c
SSDEEP

98304:s9xx34x8zDAV6hLTzVNkwlb0vFoVoBt2dyRKyNjNOnlwa6f/zGMtmhfdr:ki8zhhXzV+eo72+xpOjC2r

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  8cbe4de4efe567f82cd9b9f3e8ae17d16358ea75b922e8751a3a10041ba2a86c.bin
- Size
  
  4.3MB
- MD5
  
  bb674fd9f2770871b428df68361aa6e8
- SHA1
  
  a254845f45d8d61978e55b3234d4804cee1f4c99
- SHA256
  
  8cbe4de4efe567f82cd9b9f3e8ae17d16358ea75b922e8751a3a10041ba2a86c
- SHA512
  
  e87c8970d358e420fed807b28f3a2b2aea8df501a19cdfc509ad1b768ad0ba304e0b847c3e3b073b5c8dc650b63c0914b6f23dadbd46a08058e62626c183213c
- SSDEEP
  
  98304:s9xx34x8zDAV6hLTzVNkwlb0vFoVoBt2dyRKyNjNOnlwa6f/zGMtmhfdr:ki8zhhXzV+eo72+xpOjC2r
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan