soumnibot | 09b1e81ad99ebd62dbab27ddb11bf06e2fa6171e7fc843045b5519f1ca6c90a7 | Triage

Sharing

General

Target

09b1e81ad99ebd62dbab27ddb11bf06e2fa6171e7fc843045b5519f1ca6c90a7.bin
Size

2.6MB
Sample

240521-1ykzssbg7v
MD5

50e908b4ca350294cbd5755042d3c8d1
SHA1

7e262e90203852cc0b4564816f5f3a26198a4472
SHA256

09b1e81ad99ebd62dbab27ddb11bf06e2fa6171e7fc843045b5519f1ca6c90a7
SHA512

e12fc739cc68fbb7aec03481f511e20a3a403cc5432f59d3590d69a06e105a99160d92f08da4af02d7fcf4d3e5063922cbd1f881c920125fa8e00fbe8df2c0f5
SSDEEP

49152:XZxl7QcHiuOVHCluSTpQ4qDjrBh0Ej3+wqpITZtPzVJ2awEZh:XZxqI5OVikDjrBaEj3HqpaZRb

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  09b1e81ad99ebd62dbab27ddb11bf06e2fa6171e7fc843045b5519f1ca6c90a7.bin
- Size
  
  2.6MB
- MD5
  
  50e908b4ca350294cbd5755042d3c8d1
- SHA1
  
  7e262e90203852cc0b4564816f5f3a26198a4472
- SHA256
  
  09b1e81ad99ebd62dbab27ddb11bf06e2fa6171e7fc843045b5519f1ca6c90a7
- SHA512
  
  e12fc739cc68fbb7aec03481f511e20a3a403cc5432f59d3590d69a06e105a99160d92f08da4af02d7fcf4d3e5063922cbd1f881c920125fa8e00fbe8df2c0f5
- SSDEEP
  
  49152:XZxl7QcHiuOVHCluSTpQ4qDjrBh0Ej3+wqpITZtPzVJ2awEZh:XZxqI5OVikDjrBaEj3HqpaZRb
Score

7^/10

discovery evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence