soumnibot | 5252bb4647e37b6414d63d7bc26106b703452bc9802582f87374015cfaf2a310 | Triage

Sharing

General

Target

5252bb4647e37b6414d63d7bc26106b703452bc9802582f87374015cfaf2a310.bin
Size

2.4MB
Sample

241211-11jvhsvken
MD5

f7b278910e1445a9e56124921806890a
SHA1

4e44661d5ab1d00b367a38d343663378e3b4fa9c
SHA256

5252bb4647e37b6414d63d7bc26106b703452bc9802582f87374015cfaf2a310
SHA512

d3a444588a53813b2f0ce8582fdfda954282ad7ff1bdb7d9bbb71812f1f71bce737818e9f1fe3913f2b41d9579bc1ef9b2aaefec56a80d4ba64d186bae620280
SSDEEP

49152:iR5waP26nYccaYAzrrLKqyhHw5m0gciEbcgSdGfCQevD:QaaP26TYAzr/KqyJwjFikWGfCd

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  5252bb4647e37b6414d63d7bc26106b703452bc9802582f87374015cfaf2a310.bin
- Size
  
  2.4MB
- MD5
  
  f7b278910e1445a9e56124921806890a
- SHA1
  
  4e44661d5ab1d00b367a38d343663378e3b4fa9c
- SHA256
  
  5252bb4647e37b6414d63d7bc26106b703452bc9802582f87374015cfaf2a310
- SHA512
  
  d3a444588a53813b2f0ce8582fdfda954282ad7ff1bdb7d9bbb71812f1f71bce737818e9f1fe3913f2b41d9579bc1ef9b2aaefec56a80d4ba64d186bae620280
- SSDEEP
  
  49152:iR5waP26nYccaYAzrrLKqyhHw5m0gciEbcgSdGfCQevD:QaaP26TYAzr/KqyJwjFikWGfCd
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan