soumnibot | 6e7dc5acbcf5601862c3dbd218beee92cb5cd17de962d0e9a8c477dc95a825f7 | Triage

Sharing

General

Target

6e7dc5acbcf5601862c3dbd218beee92cb5cd17de962d0e9a8c477dc95a825f7.bin
Size

2.0MB
Sample

250115-11t1gsyjgk
MD5

2cd3490bbaffe06194a5d41fea9de5e1
SHA1

95f6f04f057515b7f7800c515bfe0d7967e2067f
SHA256

6e7dc5acbcf5601862c3dbd218beee92cb5cd17de962d0e9a8c477dc95a825f7
SHA512

b7becbd7cf844f643adf725d40792a255592a1fcbe9e67ceb2074ccc97f99bd59b8a51974b55af2a8f163d5661f44f0640ca30dd7059d7ed1fd586f2999d99a1
SSDEEP

49152:hFgyFkxVhi5Y0GMMueQtzJWu0fGoOS3gSXL:UyF+KgMMuNxcfGPSrL

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  6e7dc5acbcf5601862c3dbd218beee92cb5cd17de962d0e9a8c477dc95a825f7.bin
- Size
  
  2.0MB
- MD5
  
  2cd3490bbaffe06194a5d41fea9de5e1
- SHA1
  
  95f6f04f057515b7f7800c515bfe0d7967e2067f
- SHA256
  
  6e7dc5acbcf5601862c3dbd218beee92cb5cd17de962d0e9a8c477dc95a825f7
- SHA512
  
  b7becbd7cf844f643adf725d40792a255592a1fcbe9e67ceb2074ccc97f99bd59b8a51974b55af2a8f163d5661f44f0640ca30dd7059d7ed1fd586f2999d99a1
- SSDEEP
  
  49152:hFgyFkxVhi5Y0GMMueQtzJWu0fGoOS3gSXL:UyF+KgMMuNxcfGPSrL
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan