soumnibot | 9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9fcc3e1b08...a0.apk

android-13-x64

Sharing

General

Target

9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0.bin
Size

2.6MB
Sample

250327-15b1gayxhx
MD5

b84cf63ea461c97048c85b2fc6b7e49a
SHA1

66c146e7b833d7b564de1fe5410e75e5ab23ef8a
SHA256

9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0
SHA512

f0a8013b8df44f87496a3eea24b9a99583f7dedbf82bcff627cca59282c4af6b612d275096d17c4d94b4a8b6be1ae498532600bcdd882ee563dfcbec0a7f6f45
SSDEEP

24576:St4m51+WtE0dLPYfK8auztf28P6MjFd5TPa4PkCRWI2yrlpBsj4y+QQOQ3A7O6Nw:zJWu0aTP6CNa9v/gRC5Y

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0.bin
- Size
  
  2.6MB
- MD5
  
  b84cf63ea461c97048c85b2fc6b7e49a
- SHA1
  
  66c146e7b833d7b564de1fe5410e75e5ab23ef8a
- SHA256
  
  9fcc3e1b081443d078b86e55b2efe23a5d3d4277e36334216f2f7eb92c3dada0
- SHA512
  
  f0a8013b8df44f87496a3eea24b9a99583f7dedbf82bcff627cca59282c4af6b612d275096d17c4d94b4a8b6be1ae498532600bcdd882ee563dfcbec0a7f6f45
- SSDEEP
  
  24576:St4m51+WtE0dLPYfK8auztf28P6MjFd5TPa4PkCRWI2yrlpBsj4y+QQOQ3A7O6Nw:zJWu0aTP6CNa9v/gRC5Y
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy