soumnibot | 95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

95e22f0860...ba.apk

android-13-x64

Sharing

General

Target

95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba.bin
Size

2.6MB
Sample

250327-13w8ma1l17
MD5

42f694fe0dbfdca6fda98db4eac5fbcd
SHA1

d8212615a08707b38055e20822386cd2a45426b7
SHA256

95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba
SHA512

0588da1b1a4ee1359019f8654b2814ca5a4a11e5e20fbe2eb613b9d855f7ce2f72dfb43a910379a0d7d14c93f71d1b17454bdaefce2db7cd93dec8b20e37300e
SSDEEP

24576:jjl4m51+WtE0ticNv0jkkwxXajC2mXcvUaBBkMiApUSyHljgmeFyU9YOfnT6xU0q:OJWu0iBFB0gY6C3H4

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba.bin
- Size
  
  2.6MB
- MD5
  
  42f694fe0dbfdca6fda98db4eac5fbcd
- SHA1
  
  d8212615a08707b38055e20822386cd2a45426b7
- SHA256
  
  95e22f086037fe1ce1379c7b1b009daca8513dd43b78704a20b2dbc7ff2d08ba
- SHA512
  
  0588da1b1a4ee1359019f8654b2814ca5a4a11e5e20fbe2eb613b9d855f7ce2f72dfb43a910379a0d7d14c93f71d1b17454bdaefce2db7cd93dec8b20e37300e
- SSDEEP
  
  24576:jjl4m51+WtE0ticNv0jkkwxXajC2mXcvUaBBkMiApUSyHljgmeFyU9YOfnT6xU0q:OJWu0iBFB0gY6C3H4
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy