soumnibot | b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

6

b82631ef99...6c.apk

android-9-x86

Sharing

General

Target

b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c.bin
Size

3.7MB
Sample

241231-1zav8atqfp
MD5

54fcd493cc7f0aebb4bdc06e02d0e520
SHA1

35eb554ef89db898666e7028df1b313ce9823ca1
SHA256

b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c
SHA512

65057b3be1745f9369ae632c96b9f1da458b86211ec79c0388c0b957d02375a555234ad01b4f48b888db6ae2dbbd8b196b71ddafb188ed15b87b0fe11007be89
SSDEEP

98304:obXP1b29WtW4vehyNY5k2uXxn+Gxu9nwsl2mh:orGWbve8NWZuXxnw9nwsbh

Score

10^/10

soumnibot android banker discovery evasion infostealer persistence trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c.apk

Resource

android-x86-arm-20240910-en

soumnibot banker discovery evasion infostealer persistence trojan

android-9-x86

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c.bin
- Size
  
  3.7MB
- MD5
  
  54fcd493cc7f0aebb4bdc06e02d0e520
- SHA1
  
  35eb554ef89db898666e7028df1b313ce9823ca1
- SHA256
  
  b82631ef994561ec601a28d4caf2da14ed6d39d96b5ddd3fe98418971ba1206c
- SHA512
  
  65057b3be1745f9369ae632c96b9f1da458b86211ec79c0388c0b957d02375a555234ad01b4f48b888db6ae2dbbd8b196b71ddafb188ed15b87b0fe11007be89
- SSDEEP
  
  98304:obXP1b29WtW4vehyNY5k2uXxn+Gxu9nwsl2mh:orGWbve8NWZuXxnw9nwsbh
Score

10^/10

soumnibot banker discovery evasion infostealer persistence trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdiscoveryevasioninfostealerpersistencetrojan

© 2018-2025

Terms | Privacy