soumnibot | ab0cd87d0acee5b27da33a73d2c96083ed000ea9abe6881bee22508afc7845c6 | Triage

Sharing

General

Target

ab0cd87d0acee5b27da33a73d2c96083ed000ea9abe6881bee22508afc7845c6.bin
Size

4.0MB
Sample

250206-11v8jsymdt
MD5

b1a56c7e9c513870bf2b1f66518a5250
SHA1

3a13375cafa69ca11dc9ac2373757c201215033b
SHA256

ab0cd87d0acee5b27da33a73d2c96083ed000ea9abe6881bee22508afc7845c6
SHA512

56edb0db622726673dd4f84a605b94d4eac0123cec8b5d0d405ba2d57c9eaec1587430bb58a724804b8dfc885aa0409d32c4d070b62351b8f3d0945421e3ddec
SSDEEP

98304:8a/xR9ayBdsLxiVmYoq7TFj0bcDUVl2XAbIgJ1a6dDC:NYyB52q710X+XAImDC

Score

10^/10

soumnibot android banker defense_evasion discovery evasion infostealer trojan

Malware Config

Targets

- Target
  
  ab0cd87d0acee5b27da33a73d2c96083ed000ea9abe6881bee22508afc7845c6.bin
- Size
  
  4.0MB
- MD5
  
  b1a56c7e9c513870bf2b1f66518a5250
- SHA1
  
  3a13375cafa69ca11dc9ac2373757c201215033b
- SHA256
  
  ab0cd87d0acee5b27da33a73d2c96083ed000ea9abe6881bee22508afc7845c6
- SHA512
  
  56edb0db622726673dd4f84a605b94d4eac0123cec8b5d0d405ba2d57c9eaec1587430bb58a724804b8dfc885aa0409d32c4d070b62351b8f3d0945421e3ddec
- SSDEEP
  
  98304:8a/xR9ayBdsLxiVmYoq7TFj0bcDUVl2XAbIgJ1a6dDC:NYyB52q710X+XAImDC
Score

10^/10

soumnibot banker defense_evasion discovery evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasiondiscoveryevasioninfostealertrojan