soumnibot | 4f53b06c35093d8d2a63e7da9e1bd305e23257cc582f436e9ec93a6be9752a5a | Triage

Sharing

General

Target

4f53b06c35093d8d2a63e7da9e1bd305e23257cc582f436e9ec93a6be9752a5a.bin
Size

2.1MB
Sample

241112-12exysselk
MD5

de0ce23f852381f8fffa4851192f3224
SHA1

84a55eca64589484aa2d2a2071cebfbc77d1e3f5
SHA256

4f53b06c35093d8d2a63e7da9e1bd305e23257cc582f436e9ec93a6be9752a5a
SHA512

fe066efc4117c53f44951498d36bba458e467fc2ccf9111992ef1b6975d5525e55a4c0fcd0dd20ad093a120178fa004452f9adfd323833554857a083dbf06929
SSDEEP

24576:m17KKC69tOncPrGeO1Wvcrv+JdRwLonKMrhqBNeqw5hk4m51+WtE0h1qfrEqkvgm:Q7KKLVPnJJYonAvwvDJWu0h1O2gS5QMX

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  4f53b06c35093d8d2a63e7da9e1bd305e23257cc582f436e9ec93a6be9752a5a.bin
- Size
  
  2.1MB
- MD5
  
  de0ce23f852381f8fffa4851192f3224
- SHA1
  
  84a55eca64589484aa2d2a2071cebfbc77d1e3f5
- SHA256
  
  4f53b06c35093d8d2a63e7da9e1bd305e23257cc582f436e9ec93a6be9752a5a
- SHA512
  
  fe066efc4117c53f44951498d36bba458e467fc2ccf9111992ef1b6975d5525e55a4c0fcd0dd20ad093a120178fa004452f9adfd323833554857a083dbf06929
- SSDEEP
  
  24576:m17KKC69tOncPrGeO1Wvcrv+JdRwLonKMrhqBNeqw5hk4m51+WtE0h1qfrEqkvgm:Q7KKLVPnJJYonAvwvDJWu0h1O2gS5QMX
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan