soumnibot | 4625cdd7081f0f6e37491d9a4088cabd9935e2b3a3fa6ad20def3dc76a29de5c | Triage

Sharing

General

Target

4625cdd7081f0f6e37491d9a4088cabd9935e2b3a3fa6ad20def3dc76a29de5c.bin
Size

4.3MB
Sample

241012-1yzsystelb
MD5

ccefb13ebd0eaa4a682d582ee7ef92bd
SHA1

7fea7af543542183c964c5fe77724de743914cbe
SHA256

4625cdd7081f0f6e37491d9a4088cabd9935e2b3a3fa6ad20def3dc76a29de5c
SHA512

f52aa70fb46964f6c9ce619cd43c9425524aad9b1d7e718eff8af70234174724297d38966b4716d4dabf1601848c62057132a9901d1cd1564d6ec7a290b6857e
SSDEEP

98304:s9Ex0BCx8gDAV8n667GBoN8i/RNzWQ6n3VEO+v+v7PE1h1kCeMVIodL:WBk8gXnF7kC84KinU7PE/JL

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  4625cdd7081f0f6e37491d9a4088cabd9935e2b3a3fa6ad20def3dc76a29de5c.bin
- Size
  
  4.3MB
- MD5
  
  ccefb13ebd0eaa4a682d582ee7ef92bd
- SHA1
  
  7fea7af543542183c964c5fe77724de743914cbe
- SHA256
  
  4625cdd7081f0f6e37491d9a4088cabd9935e2b3a3fa6ad20def3dc76a29de5c
- SHA512
  
  f52aa70fb46964f6c9ce619cd43c9425524aad9b1d7e718eff8af70234174724297d38966b4716d4dabf1601848c62057132a9901d1cd1564d6ec7a290b6857e
- SSDEEP
  
  98304:s9Ex0BCx8gDAV8n667GBoN8i/RNzWQ6n3VEO+v+v7PE1h1kCeMVIodL:WBk8gXnF7kC84KinU7PE/JL
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan