soumnibot | b12577e4f2d7f78b2ac810b7704d6488539beb2a106bb101c43981a6b11940d3 | Triage

Sharing

General

Target

b12577e4f2d7f78b2ac810b7704d6488539beb2a106bb101c43981a6b11940d3.bin
Size

3.0MB
Sample

241108-2qqqra1gqr
MD5

de5a39440a19c9639e08eaeb8108713d
SHA1

322482b8ba45cb648caa01cbc45a501ca5992627
SHA256

b12577e4f2d7f78b2ac810b7704d6488539beb2a106bb101c43981a6b11940d3
SHA512

c5c371e8be003cacd776fef3a4dbc7c4677d3f4aaa49274e6b8b8efa0d4b7efc5a897c910af31990918551443fe739d3f9918e1dd5479c1d58b1733eb36ac31b
SSDEEP

49152:AdwB+sXbQ/fZhlJ02ge3rDOGpesLNc2HSsqg1wHP2Zr9KI8:AxMbQHZhz02gCrle8C3HP2Zr96

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  b12577e4f2d7f78b2ac810b7704d6488539beb2a106bb101c43981a6b11940d3.bin
- Size
  
  3.0MB
- MD5
  
  de5a39440a19c9639e08eaeb8108713d
- SHA1
  
  322482b8ba45cb648caa01cbc45a501ca5992627
- SHA256
  
  b12577e4f2d7f78b2ac810b7704d6488539beb2a106bb101c43981a6b11940d3
- SHA512
  
  c5c371e8be003cacd776fef3a4dbc7c4677d3f4aaa49274e6b8b8efa0d4b7efc5a897c910af31990918551443fe739d3f9918e1dd5479c1d58b1733eb36ac31b
- SSDEEP
  
  49152:AdwB+sXbQ/fZhlJ02ge3rDOGpesLNc2HSsqg1wHP2Zr9KI8:AxMbQHZhz02gCrle8C3HP2Zr96
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan