soumnibot | a60b30fe8240bb2e381565555ad8104f919e5b1fa7eeca1654cb560a048b2721 | Triage

Sharing

General

Target

a60b30fe8240bb2e381565555ad8104f919e5b1fa7eeca1654cb560a048b2721.bin
Size

2.6MB
Sample

240521-1yhjnsbg7s
MD5

bea6ed0da7d5a75846a72ee35e8e2cff
SHA1

a4e4bf442764983540aff8a41f9f3b54be9445dd
SHA256

a60b30fe8240bb2e381565555ad8104f919e5b1fa7eeca1654cb560a048b2721
SHA512

8f43ec2d7295c61488c72d866c88d30a7629d68e80aaad659607cfa98bb043766a527367be8d15e906530923ad14340a0a64d4c7a50c9d82f18c5b66be09476a
SSDEEP

49152:XZxJDcHiuOVHCluqTpQ4GDjrB90EjBLX2sRQewO396bEGZT1y9K/bHqCdYDN4tz/:XZxlI5OVisDjrBmEj1X2seewO3961T1P

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  a60b30fe8240bb2e381565555ad8104f919e5b1fa7eeca1654cb560a048b2721.bin
- Size
  
  2.6MB
- MD5
  
  bea6ed0da7d5a75846a72ee35e8e2cff
- SHA1
  
  a4e4bf442764983540aff8a41f9f3b54be9445dd
- SHA256
  
  a60b30fe8240bb2e381565555ad8104f919e5b1fa7eeca1654cb560a048b2721
- SHA512
  
  8f43ec2d7295c61488c72d866c88d30a7629d68e80aaad659607cfa98bb043766a527367be8d15e906530923ad14340a0a64d4c7a50c9d82f18c5b66be09476a
- SSDEEP
  
  49152:XZxJDcHiuOVHCluqTpQ4GDjrB90EjBLX2sRQewO396bEGZT1y9K/bHqCdYDN4tz/:XZxlI5OVisDjrBmEj1X2seewO3961T1P
Score

7^/10

discovery evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence