soumnibot | d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

d2511a80ee...1f.apk

android-13-x64

Sharing

General

Target

d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f.bin
Size

2.6MB
Sample

250327-15gkys1mx4
MD5

d7628e9146c4061f919e3c4fba167cb1
SHA1

e5f656a217af2fd07c6599e80f7216eaa2319364
SHA256

d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f
SHA512

6b893475acfcdad42a36eb85d00144b0fe2ef784fc26aede7bb5a628f67252bd38117380ce444415c5999f2942eb37162251d2f1c96733cf5fe8ffaa6af07ab5
SSDEEP

24576:r6lk4m51+WtE0P057IPeK1lhFdzlt7vGgOwvoqWFwRGer0GuMokDnuApvgkCua/n:mJWu0EQ1vJ4Ao8Cj

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f.apk

Resource

android-33-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-13-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f.bin
- Size
  
  2.6MB
- MD5
  
  d7628e9146c4061f919e3c4fba167cb1
- SHA1
  
  e5f656a217af2fd07c6599e80f7216eaa2319364
- SHA256
  
  d2511a80ee7ff4d1427bf18c9709e977be64162d66a4f4018ad2cbb7820d3f1f
- SHA512
  
  6b893475acfcdad42a36eb85d00144b0fe2ef784fc26aede7bb5a628f67252bd38117380ce444415c5999f2942eb37162251d2f1c96733cf5fe8ffaa6af07ab5
- SSDEEP
  
  24576:r6lk4m51+WtE0P057IPeK1lhFdzlt7vGgOwvoqWFwRGer0GuMokDnuApvgkCua/n:mJWu0EQ1vJ4Ao8Cj
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy