soumnibot | 116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8 | Triage

Submit
Reports

Overview

overview

Static

static

116e89a276...e8.apk

android-11-x64

Sharing

General

Target

116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8.bin
Size

4.5MB
Sample

250403-123n1sxpv8
MD5

04fd1eea3da308190c90db6605e27f41
SHA1

a2d3244120aab2a12247d3930679ea45db16f80e
SHA256

116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8
SHA512

c8e40b4b3a3c1a02c55de62f167a2c5e3b5197f3daf403158356ad6cb41510348b7e20777f3de110746ffcbe4b15aa2632f4d5f898467a0c05948d6a63a3a8d8
SSDEEP

49152:0JWu0kCiSbSjQC3G3FbERkk8EWo8Q3mXX:0c6S+QZERkktiX

Score

10^/10

soumnibot android banker defense_evasion evasion infostealer trojan

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8.apk

Resource

android-x64-arm64-20240910-en

soumnibot banker defense_evasion evasion infostealer trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8.bin
- Size
  
  4.5MB
- MD5
  
  04fd1eea3da308190c90db6605e27f41
- SHA1
  
  a2d3244120aab2a12247d3930679ea45db16f80e
- SHA256
  
  116e89a276ed2ea060146a0b737c90666d4a64a71cc4369bcc427ee5d86c39e8
- SHA512
  
  c8e40b4b3a3c1a02c55de62f167a2c5e3b5197f3daf403158356ad6cb41510348b7e20777f3de110746ffcbe4b15aa2632f4d5f898467a0c05948d6a63a3a8d8
- SSDEEP
  
  49152:0JWu0kCiSbSjQC3G3FbERkk8EWo8Q3mXX:0c6S+QZERkktiX
Score

10^/10

soumnibot banker defense_evasion evasion infostealer trojan
- Android SoumniBot payload
- SoumniBot
  SoumniBot is an Android banking trojan first seen in April 2024.
  trojan infostealer banker soumnibot
- Soumnibot family
  soumnibot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

soumnibotbankerdefense_evasionevasioninfostealertrojan

© 2018-2025

Terms | Privacy