soumnibot | d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

d5f2e9d300...f0.apk

android-11-x64

Sharing

General

Target

d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0.bin
Size

2.6MB
Sample

250327-15l6fayyat
MD5

2fd9fefa92b0f0b0d1dcac7beb4374b7
SHA1

bd1756a2a2bf4c13e5800b4de157eacfdf538fc1
SHA256

d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0
SHA512

187ce8ad2fe78202e47dd10e36eb7d42df15ff36e7f0bbadb7915be7f0b4bda10cc0d7cbfb741a1bf33cae22c18c00c20d085b563219c074e5dd082f12375e6a
SSDEEP

24576:d4m51+WtE0Tmv8iZ32NNl4jo29SD/mzONPJrpjhDpvVq5rKKPqXbl9FpGPg69nf7:+JWu0To2NI9SDjPHj3ONCjO

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0.apk

Resource

android-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0.bin
- Size
  
  2.6MB
- MD5
  
  2fd9fefa92b0f0b0d1dcac7beb4374b7
- SHA1
  
  bd1756a2a2bf4c13e5800b4de157eacfdf538fc1
- SHA256
  
  d5f2e9d300cb449206ff82ac1f50a8ccff9778c87d9b8354c703b966ed2aaef0
- SHA512
  
  187ce8ad2fe78202e47dd10e36eb7d42df15ff36e7f0bbadb7915be7f0b4bda10cc0d7cbfb741a1bf33cae22c18c00c20d085b563219c074e5dd082f12375e6a
- SSDEEP
  
  24576:d4m51+WtE0Tmv8iZ32NNl4jo29SD/mzONPJrpjhDpvVq5rKKPqXbl9FpGPg69nf7:+JWu0To2NI9SDjPHj3ONCjO
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy