soumnibot | 1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1b7ac6418b...0f.apk

android-13-x64

Sharing

General

Target

1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f.bin
Size

2.6MB
Sample

250327-1489ksyxhv
MD5

4a96e561fb2153c8b57c7d63e927fde1
SHA1

9c8540032f1512bcd6137e7a19eaa5d08f1cbc08
SHA256

1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f
SHA512

911bd34b18168eece41971b9a8c2620168f96f4b665bd1e2d5a4f2170f61022986c3107909f1520bd0d1060bb72dcff5697f838758311c3572332e051d19a7aa
SSDEEP

49152:ZJWu0Xlnx7DtVhwFPFRv6TkT1c8arVtDQgodvNAxCYf:ZcXltDtVhwFPFRv6TkT1c8arVtQuf

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f.bin
- Size
  
  2.6MB
- MD5
  
  4a96e561fb2153c8b57c7d63e927fde1
- SHA1
  
  9c8540032f1512bcd6137e7a19eaa5d08f1cbc08
- SHA256
  
  1b7ac6418b44cf8c0f7ab905052671bb1113ac233caf93467a9e2021f364010f
- SHA512
  
  911bd34b18168eece41971b9a8c2620168f96f4b665bd1e2d5a4f2170f61022986c3107909f1520bd0d1060bb72dcff5697f838758311c3572332e051d19a7aa
- SSDEEP
  
  49152:ZJWu0Xlnx7DtVhwFPFRv6TkT1c8arVtDQgodvNAxCYf:ZcXltDtVhwFPFRv6TkT1c8arVtQuf
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy