soumnibot | f5913ecb4ee9204d74904634cb73e829ce017b6ea821ab92a65700fcc372cb60 | Triage

Sharing

General

Target

f5913ecb4ee9204d74904634cb73e829ce017b6ea821ab92a65700fcc372cb60.bin
Size

2.1MB
Sample

241110-12mykaweml
MD5

94af3cb3576b8db0b947673c018deea5
SHA1

4bc4cdd9fbfd1b35d686e6ee04a8ab028d47f8fa
SHA256

f5913ecb4ee9204d74904634cb73e829ce017b6ea821ab92a65700fcc372cb60
SHA512

253f84430abeea35ea2361630986dccad97297ac6831b18891ea7acac69c07a0f669c4ec219582d0d0e44065df8b53606a111adefb6efbf6ef366437efefd450
SSDEEP

49152:h7xT5n++4M+8kbMXHaTh2Fw9tGUfBJQJWu0xB9gSoJO:h755nf4MhkbMqTh0s9ZGcxwJO

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  f5913ecb4ee9204d74904634cb73e829ce017b6ea821ab92a65700fcc372cb60.bin
- Size
  
  2.1MB
- MD5
  
  94af3cb3576b8db0b947673c018deea5
- SHA1
  
  4bc4cdd9fbfd1b35d686e6ee04a8ab028d47f8fa
- SHA256
  
  f5913ecb4ee9204d74904634cb73e829ce017b6ea821ab92a65700fcc372cb60
- SHA512
  
  253f84430abeea35ea2361630986dccad97297ac6831b18891ea7acac69c07a0f669c4ec219582d0d0e44065df8b53606a111adefb6efbf6ef366437efefd450
- SSDEEP
  
  49152:h7xT5n++4M+8kbMXHaTh2Fw9tGUfBJQJWu0xB9gSoJO:h755nf4MhkbMqTh0s9ZGcxwJO
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan