soumnibot | 5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5edd355faa...a0.apk

android-13-x64

Sharing

General

Target

5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0.bin
Size

2.6MB
Sample

250327-14wcqa1mt9
MD5

553d9e0cd270504c4468a4d370336d29
SHA1

c33bb43099d8960e633570be148a061a95433286
SHA256

5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0
SHA512

5434e9fd9121bf0da2f3e6e6ff497618aabb2ccea806421f1bb7bd322965898aa61ddbddd92a6079e1609106b952bf135714b553fb9ab32f44f251e8e010ea49
SSDEEP

24576:m1b4m51+WtE0mbzIemQZ088sJcA470ieA45RqTbpOjPprmpT83Dyqdn0Ab3Xbi91:m6JWu0tQZL0Hs4pPGwCU7

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0.bin
- Size
  
  2.6MB
- MD5
  
  553d9e0cd270504c4468a4d370336d29
- SHA1
  
  c33bb43099d8960e633570be148a061a95433286
- SHA256
  
  5edd355faa5ca49ba85c28fba04a8b272acf96039e7326afec904545aac5f5a0
- SHA512
  
  5434e9fd9121bf0da2f3e6e6ff497618aabb2ccea806421f1bb7bd322965898aa61ddbddd92a6079e1609106b952bf135714b553fb9ab32f44f251e8e010ea49
- SSDEEP
  
  24576:m1b4m51+WtE0mbzIemQZ088sJcA470ieA45RqTbpOjPprmpT83Dyqdn0Ab3Xbi91:m6JWu0tQZL0Hs4pPGwCU7
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy