soumnibot | 49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

49862484ac...d7.apk

android-13-x64

Sharing

General

Target

49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7.bin
Size

4.6MB
Sample

250327-13znra1l19
MD5

77fef0ab5f02e79366e1beb02beb66f1
SHA1

ab335423d7fdee6cb075145f8e6f253f5714aabb
SHA256

49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7
SHA512

1134f37ee881125ba7f08e19207d29befb288f1298f5e066f53ae5adf63a62c1b60c9a7de5f72e1fa64238bc19761f4fe6a3c54b23c8d515f57d5e7a5401bfc5
SSDEEP

49152:JJWu0JGQRxTV3AnRpJM34m2CaMcf+9rusvQW4zFI:JcJGS+Xccf+9p7

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7.bin
- Size
  
  4.6MB
- MD5
  
  77fef0ab5f02e79366e1beb02beb66f1
- SHA1
  
  ab335423d7fdee6cb075145f8e6f253f5714aabb
- SHA256
  
  49862484acfecb504b2f59bbf307e0371bb8b74a976aa8fc63532f12fe537ad7
- SHA512
  
  1134f37ee881125ba7f08e19207d29befb288f1298f5e066f53ae5adf63a62c1b60c9a7de5f72e1fa64238bc19761f4fe6a3c54b23c8d515f57d5e7a5401bfc5
- SSDEEP
  
  49152:JJWu0JGQRxTV3AnRpJM34m2CaMcf+9rusvQW4zFI:JcJGS+Xccf+9p7
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy