soumnibot | f697cd567febfe4a7620b9f906d744950e6738424fd5c120dbff9f154999a010 | Triage

Sharing

General

Target

f697cd567febfe4a7620b9f906d744950e6738424fd5c120dbff9f154999a010.bin
Size

2.1MB
Sample

241216-1w33la1nct
MD5

61e865527d5555824428a6b7f3f253b2
SHA1

fcd14231ef35d8c805e3460321fe252fda8c5e6b
SHA256

f697cd567febfe4a7620b9f906d744950e6738424fd5c120dbff9f154999a010
SHA512

0ff423e35327569d34d63c6d10fdd10c88a4c143bc6c96162e1fabddcf067cc4932338c9ce96e025f6bb171826cc91c69e8502146228a2c5f662b2860e55b523
SSDEEP

49152:pG/tLrqG1XhEKnXdRIX3kvQVXoSjgciEbr2gSXbvqsd:p8t3qG1RrnXYnJRPjFikrybvqe

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  f697cd567febfe4a7620b9f906d744950e6738424fd5c120dbff9f154999a010.bin
- Size
  
  2.1MB
- MD5
  
  61e865527d5555824428a6b7f3f253b2
- SHA1
  
  fcd14231ef35d8c805e3460321fe252fda8c5e6b
- SHA256
  
  f697cd567febfe4a7620b9f906d744950e6738424fd5c120dbff9f154999a010
- SHA512
  
  0ff423e35327569d34d63c6d10fdd10c88a4c143bc6c96162e1fabddcf067cc4932338c9ce96e025f6bb171826cc91c69e8502146228a2c5f662b2860e55b523
- SSDEEP
  
  49152:pG/tLrqG1XhEKnXdRIX3kvQVXoSjgciEbr2gSXbvqsd:p8t3qG1RrnXYnJRPjFikrybvqe
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan