soumnibot | b40677960a502ad6fd49c80a32af068e1cd99a0b64cbc7eab30ad80466ea3821 | Triage

Sharing

General

Target

b40677960a502ad6fd49c80a32af068e1cd99a0b64cbc7eab30ad80466ea3821.bin
Size

2.2MB
Sample

240521-1xdjbsbg3s
MD5

ba10592d0221435596912c97f6947ca4
SHA1

10a63661ad743a25e5dce2e0a8549abbca2615fc
SHA256

b40677960a502ad6fd49c80a32af068e1cd99a0b64cbc7eab30ad80466ea3821
SHA512

4ea2f322513a8c902919df5b9b650d78b0faf80a7af4defe1f85c848ffb6cf143ed637293252a2e3a28383011526db1c44e5e7da06c162a06a84de2ea0e4897a
SSDEEP

49152:O8xPNZB8O1Qpw5BrDXj071d12Hdaf1sQNGgXBHjrrmoZfD:FxPN731YwLj0Zb2Yf1ljrrm2L

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  b40677960a502ad6fd49c80a32af068e1cd99a0b64cbc7eab30ad80466ea3821.bin
- Size
  
  2.2MB
- MD5
  
  ba10592d0221435596912c97f6947ca4
- SHA1
  
  10a63661ad743a25e5dce2e0a8549abbca2615fc
- SHA256
  
  b40677960a502ad6fd49c80a32af068e1cd99a0b64cbc7eab30ad80466ea3821
- SHA512
  
  4ea2f322513a8c902919df5b9b650d78b0faf80a7af4defe1f85c848ffb6cf143ed637293252a2e3a28383011526db1c44e5e7da06c162a06a84de2ea0e4897a
- SSDEEP
  
  49152:O8xPNZB8O1Qpw5BrDXj071d12Hdaf1sQNGgXBHjrrmoZfD:FxPN731YwLj0Zb2Yf1ljrrm2L
Score

7^/10

discovery evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence