soumnibot | 0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790 | Triage

Submit
Reports

Overview

overview

Static

static

6

0b9d3e86a4...90.apk

android-9-x86

Sharing

General

Target

0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790.bin
Size

3.3MB
Sample

241201-12n6mayqhq
MD5

f235b6d6209816fe828dc4f78a555188
SHA1

00917a8c74fe00d4fd68b379a43ee2f0e53cfe36
SHA256

0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790
SHA512

091c230dafd83cd30977fcbb694cccf0f9628fecfe47634b68e0ab31ad97492ede35942d723e239b6242b4c8a11abcebb75046858f4a87a78a7f26fcc265c014
SSDEEP

98304:s95xaGEdoLzOZc74fNGhIpLc9pIvsGSNC3ZxB8:lGgonacMfKIJc9p4CCJs

Score

10^/10

soumnibot android banker discovery evasion infostealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790.apk

Resource

android-x86-arm-20240910-en

soumnibot banker discovery evasion infostealer trojan

android-9-x86

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790.bin
- Size
  
  3.3MB
- MD5
  
  f235b6d6209816fe828dc4f78a555188
- SHA1
  
  00917a8c74fe00d4fd68b379a43ee2f0e53cfe36
- SHA256
  
  0b9d3e86a4f5e2912a50892206d4ec33c0283142e7d2de8f8fab6ec4fab42790
- SHA512
  
  091c230dafd83cd30977fcbb694cccf0f9628fecfe47634b68e0ab31ad97492ede35942d723e239b6242b4c8a11abcebb75046858f4a87a78a7f26fcc265c014
- SSDEEP
  
  98304:s95xaGEdoLzOZc74fNGhIpLc9pIvsGSNC3ZxB8:lGgonacMfKIJc9p4CCJs
Score

10^/10

soumnibot banker discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealertrojan

© 2018-2025

Terms | Privacy