soumnibot | b96a372560290cb0c1f4b0781fe1b7959c041cac8aed4aaeef7875f70213fd70 | Triage

Sharing

General

Target

b96a372560290cb0c1f4b0781fe1b7959c041cac8aed4aaeef7875f70213fd70.bin
Size

2.6MB
Sample

240521-1ydwgsbg95
MD5

4a93e1e62d0f13da696e7ad90aef2e5d
SHA1

1908fff3ff3fdbef3c7bc2ec22e68c72fbeb5633
SHA256

b96a372560290cb0c1f4b0781fe1b7959c041cac8aed4aaeef7875f70213fd70
SHA512

fc2ce883c431799603573b8296f1cdaad6e4d38e11a9f3ec585bf1ada5ef203f8d87215d734fc0e61ca9dd5b2d2b84be16f3a51bf85801ed98246f8106f81507
SSDEEP

49152:XZx/F5cHiuOVHClugTpQ4GDjrB90EjChXjvCTYXN920N7DsOOsS:XZxN5I5OVi6DjrBmEjChTCTYXb2rOc

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  b96a372560290cb0c1f4b0781fe1b7959c041cac8aed4aaeef7875f70213fd70.bin
- Size
  
  2.6MB
- MD5
  
  4a93e1e62d0f13da696e7ad90aef2e5d
- SHA1
  
  1908fff3ff3fdbef3c7bc2ec22e68c72fbeb5633
- SHA256
  
  b96a372560290cb0c1f4b0781fe1b7959c041cac8aed4aaeef7875f70213fd70
- SHA512
  
  fc2ce883c431799603573b8296f1cdaad6e4d38e11a9f3ec585bf1ada5ef203f8d87215d734fc0e61ca9dd5b2d2b84be16f3a51bf85801ed98246f8106f81507
- SSDEEP
  
  49152:XZx/F5cHiuOVHClugTpQ4GDjrB90EjChXjvCTYXN920N7DsOOsS:XZxN5I5OVi6DjrBmEjChTCTYXb2rOc
Score

7^/10

discovery evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence