soumnibot | 110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

110fb6cfcd...f6.apk

android-13-x64

Sharing

General

Target

110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6.bin
Size

2.6MB
Sample

250327-14vq7ayxft
MD5

f531213b6b474cc31f69b79d5977d256
SHA1

3c309bbbdd063db965f1857b224d8427d18e4517
SHA256

110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6
SHA512

e376c878f9b0c950fd9db322d32e991c4004f750d88314cc229ab6b405d63d37cd49c144737070a67bfccbdc264ba334e87bb12b036440df3e3638a29ea5869c
SSDEEP

49152:ZJWu0Xlnx7DtVhwFPFRv6TkT1c8arVtDQgodvNAxCqq2:ZcXltDtVhwFPFRv6TkT1c8arVtQIq2

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6.bin
- Size
  
  2.6MB
- MD5
  
  f531213b6b474cc31f69b79d5977d256
- SHA1
  
  3c309bbbdd063db965f1857b224d8427d18e4517
- SHA256
  
  110fb6cfcd01ad553ce698874b80279535cdc8e43206b0acae1fa7220701d1f6
- SHA512
  
  e376c878f9b0c950fd9db322d32e991c4004f750d88314cc229ab6b405d63d37cd49c144737070a67bfccbdc264ba334e87bb12b036440df3e3638a29ea5869c
- SSDEEP
  
  49152:ZJWu0Xlnx7DtVhwFPFRv6TkT1c8arVtDQgodvNAxCqq2:ZcXltDtVhwFPFRv6TkT1c8arVtQIq2
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy