soumnibot | b1593b1fc98d60ce81d7ac67a3449545e1ace11b92345e36ab2b0d019b86127e | Triage

Sharing

General

Target

b1593b1fc98d60ce81d7ac67a3449545e1ace11b92345e36ab2b0d019b86127e.bin
Size

2.0MB
Sample

241206-12pgdszpbs
MD5

12799e22d8637da428ad08d2520fa8ae
SHA1

3287b63b5a41b128d1c9afaddaf4775c2a59adf5
SHA256

b1593b1fc98d60ce81d7ac67a3449545e1ace11b92345e36ab2b0d019b86127e
SHA512

b8aa760f596a7eb5c75de59d32ebafa353604f5e59b44b89abb3f845817b534f664059f3d6aa07d276e6de1cfa9236fe7a7f204797be618cc59784601ef71517
SSDEEP

24576:jB+QWpL2eCbw2cd98wt6Abth3c4CvMteNipubBgSztrCL+1tgmWv9:d+PN2eSNcw/Abth3cpgciEbBgSBGaBq

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  b1593b1fc98d60ce81d7ac67a3449545e1ace11b92345e36ab2b0d019b86127e.bin
- Size
  
  2.0MB
- MD5
  
  12799e22d8637da428ad08d2520fa8ae
- SHA1
  
  3287b63b5a41b128d1c9afaddaf4775c2a59adf5
- SHA256
  
  b1593b1fc98d60ce81d7ac67a3449545e1ace11b92345e36ab2b0d019b86127e
- SHA512
  
  b8aa760f596a7eb5c75de59d32ebafa353604f5e59b44b89abb3f845817b534f664059f3d6aa07d276e6de1cfa9236fe7a7f204797be618cc59784601ef71517
- SSDEEP
  
  24576:jB+QWpL2eCbw2cd98wt6Abth3c4CvMteNipubBgSztrCL+1tgmWv9:d+PN2eSNcw/Abth3cpgciEbBgSBGaBq
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan