soumnibot | 2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2ad81b398c...63.apk

android-13-x64

Sharing

General

Target

2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863.bin
Size

2.6MB
Sample

250327-137pcs1ms6
MD5

7b5374be5a90d70be04b9d362e79f90a
SHA1

6792e51ee7d5767fe5345b0663a3ce46ffaf7a34
SHA256

2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863
SHA512

e754624a4d3630121d5a41216319b3e54250c7af0c569e490c638af7dc11e3068abd519b4c4fe8673fccc3ba6c597c1f6b80612d26ac41698de2783ea05986c3
SSDEEP

24576:jm4m51+WtE0MywGXVTG4ePt+qd3MqsHpUPEQRxZDs8YqNFhIlnXbJ9iNUPRq9xfc:BJWu0EfSqsJuw/8tC53

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863.bin
- Size
  
  2.6MB
- MD5
  
  7b5374be5a90d70be04b9d362e79f90a
- SHA1
  
  6792e51ee7d5767fe5345b0663a3ce46ffaf7a34
- SHA256
  
  2ad81b398c82f099000202b00008c22324b2a068fba552d04e355f06ae7d5863
- SHA512
  
  e754624a4d3630121d5a41216319b3e54250c7af0c569e490c638af7dc11e3068abd519b4c4fe8673fccc3ba6c597c1f6b80612d26ac41698de2783ea05986c3
- SSDEEP
  
  24576:jm4m51+WtE0MywGXVTG4ePt+qd3MqsHpUPEQRxZDs8YqNFhIlnXbJ9iNUPRq9xfc:BJWu0EfSqsJuw/8tC53
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy