soumnibot | 13ba519f4882b55c6445bb2ee3b8d08e6c397bea378905d572b6414302469c3c | Triage

Sharing

General

Target

13ba519f4882b55c6445bb2ee3b8d08e6c397bea378905d572b6414302469c3c.bin
Size

2.1MB
Sample

241114-139hystkgv
MD5

e0c9c8de8050934d2a028ef12a72224d
SHA1

75c0f4e038960b1896e9bbf9db5541d697792234
SHA256

13ba519f4882b55c6445bb2ee3b8d08e6c397bea378905d572b6414302469c3c
SHA512

04b5f5136207794cf973514103fba6c76b6f168496ad6a2a7d0415c354227dbe6de61dfc4486ea183e5e272bda859d0e506252d61152ef4eda3a6d9ba3d48716
SSDEEP

49152:T7hp39jp11W45k3f+ruo5EngZJWu0LH3ggSYVB0l:T7hp3/18YkPQeGcLH5VB0l

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  13ba519f4882b55c6445bb2ee3b8d08e6c397bea378905d572b6414302469c3c.bin
- Size
  
  2.1MB
- MD5
  
  e0c9c8de8050934d2a028ef12a72224d
- SHA1
  
  75c0f4e038960b1896e9bbf9db5541d697792234
- SHA256
  
  13ba519f4882b55c6445bb2ee3b8d08e6c397bea378905d572b6414302469c3c
- SHA512
  
  04b5f5136207794cf973514103fba6c76b6f168496ad6a2a7d0415c354227dbe6de61dfc4486ea183e5e272bda859d0e506252d61152ef4eda3a6d9ba3d48716
- SSDEEP
  
  49152:T7hp39jp11W45k3f+ruo5EngZJWu0LH3ggSYVB0l:T7hp3/18YkPQeGcLH5VB0l
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan