soumnibot | d8c1d0bcd06944aeaed495def021f601fe139cc6d4e7fadac141bb2eb0bd4ef8 | Triage

Sharing

General

Target

d8c1d0bcd06944aeaed495def021f601fe139cc6d4e7fadac141bb2eb0bd4ef8.bin
Size

3.1MB
Sample

240523-1xyjhaae7s
MD5

aca35af037467781a1f784bf67bef6c5
SHA1

4bcc1fcecaccf6add1134affab5be3cd19b6fb65
SHA256

d8c1d0bcd06944aeaed495def021f601fe139cc6d4e7fadac141bb2eb0bd4ef8
SHA512

402e4c36215018c5686b3ae5bc0eff5e893528fc057a5220650ebba2ba9d52a9733adc420aa7187aeda7f8e652a849bc8ce38d8380423c460c8fb14e86d72c34
SSDEEP

49152:VeHdrN1EjME/JfUTpQ4rDjrBH7L7r3+zYdq/eMJ41tpK10yDCBoAez1SlygKLc:49rPEjME/mDjrBX7r3FU/eMJWpF6/vA

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  d8c1d0bcd06944aeaed495def021f601fe139cc6d4e7fadac141bb2eb0bd4ef8.bin
- Size
  
  3.1MB
- MD5
  
  aca35af037467781a1f784bf67bef6c5
- SHA1
  
  4bcc1fcecaccf6add1134affab5be3cd19b6fb65
- SHA256
  
  d8c1d0bcd06944aeaed495def021f601fe139cc6d4e7fadac141bb2eb0bd4ef8
- SHA512
  
  402e4c36215018c5686b3ae5bc0eff5e893528fc057a5220650ebba2ba9d52a9733adc420aa7187aeda7f8e652a849bc8ce38d8380423c460c8fb14e86d72c34
- SSDEEP
  
  49152:VeHdrN1EjME/JfUTpQ4rDjrBH7L7r3+zYdq/eMJ41tpK10yDCBoAez1SlygKLc:49rPEjME/mDjrBX7r3FU/eMJWpF6/vA
Score

7^/10

discovery evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence