soumnibot | 8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8d630b9996...d0.apk

android-13-x64

Sharing

General

Target

8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0.bin
Size

2.6MB
Sample

250327-14aq1syxev
MD5

bc6d2ae446d121304ed8e9b2c366a9f1
SHA1

d2f1be7fe4d4b31067d24ddc9b9d203241381aa7
SHA256

8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0
SHA512

697ab5d071f4df299acb2d105f091214b8cff1b251fedcaec1313da4735c120879dd8eb011a316ac101773d827c3a445a24214cc31902f4ca100f13f8412737d
SSDEEP

24576:Cj4m51+WtE0qCq4SNB+JxxuOt/+ZL6lLAXU9oOLc6+O5aW1YrSCBeZa15:XJWu0qCN+MxfA6+OsWut

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0.bin
- Size
  
  2.6MB
- MD5
  
  bc6d2ae446d121304ed8e9b2c366a9f1
- SHA1
  
  d2f1be7fe4d4b31067d24ddc9b9d203241381aa7
- SHA256
  
  8d630b9996c7dfb57b0cfc2b6933d154e5c82bf0e360e3709689cb4fcd5e98d0
- SHA512
  
  697ab5d071f4df299acb2d105f091214b8cff1b251fedcaec1313da4735c120879dd8eb011a316ac101773d827c3a445a24214cc31902f4ca100f13f8412737d
- SSDEEP
  
  24576:Cj4m51+WtE0qCq4SNB+JxxuOt/+ZL6lLAXU9oOLc6+O5aW1YrSCBeZa15:XJWu0qCN+MxfA6+OsWut
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy