soumnibot | 129fe4691e83e27e86e9e0303a8d85a8f33bb7a083877dfb4741a7d8bb0c5e61 | Triage

Sharing

General

Target

129fe4691e83e27e86e9e0303a8d85a8f33bb7a083877dfb4741a7d8bb0c5e61.bin
Size

2.0MB
Sample

250211-13s6zatldx
MD5

eec1028d4e7b1a39b715309e605eb6cc
SHA1

43de59fe76a934349db8e59f4a63c09856f6f9ed
SHA256

129fe4691e83e27e86e9e0303a8d85a8f33bb7a083877dfb4741a7d8bb0c5e61
SHA512

f99f82ae8bacf59e8cc145a89adbe03a1e70fcdc20720b0020215476cd9b85384137222a9cadf84654f6538019e422c0aaa99f61bc2009b99835701af3c55305
SSDEEP

49152:jCBx9y68crD7ksKyOO9JWu0BOMG+0MJugSw2:GBjy6DD72FucBO3dMJd2

Score

10^/10

soumnibot android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  129fe4691e83e27e86e9e0303a8d85a8f33bb7a083877dfb4741a7d8bb0c5e61.bin
- Size
  
  2.0MB
- MD5
  
  eec1028d4e7b1a39b715309e605eb6cc
- SHA1
  
  43de59fe76a934349db8e59f4a63c09856f6f9ed
- SHA256
  
  129fe4691e83e27e86e9e0303a8d85a8f33bb7a083877dfb4741a7d8bb0c5e61
- SHA512
  
  f99f82ae8bacf59e8cc145a89adbe03a1e70fcdc20720b0020215476cd9b85384137222a9cadf84654f6538019e422c0aaa99f61bc2009b99835701af3c55305
- SSDEEP
  
  49152:jCBx9y68crD7ksKyOO9JWu0BOMG+0MJugSw2:GBjy6DD72FucBO3dMJd2
Score

10^/10

soumnibot banker evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerevasioninfostealertrojan