soumnibot | 715110b4e3b9c94c778add99b7e83ce43cc98ea98fe3c08f88fb3550352e40b8 | Triage

Sharing

General

Target

715110b4e3b9c94c778add99b7e83ce43cc98ea98fe3c08f88fb3550352e40b8.bin
Size

2.6MB
Sample

240614-a92tksycpd
MD5

8fb643cec025486e16b152936136f0f8
SHA1

3631351169178ab10f8f54e42bc34f7b26fa78d3
SHA256

715110b4e3b9c94c778add99b7e83ce43cc98ea98fe3c08f88fb3550352e40b8
SHA512

e14ab8f3a8f9ae1cb32c0d9cee6c3bed7e1ecf82c06aaa4916076d7a6546f7e89ea70766a833774e250c1cbc8b655de5013e2283a1e6604a392b750fc46552c9
SSDEEP

49152:XZxXcHiOVHClutTpQ4GDjrBh0EjUANcb8KEpQbSaqkj9LukQfUZNZeVDlzSWITbX:XZxXIlVinDjrBaEjUqcb8pQbSadukQfC

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  715110b4e3b9c94c778add99b7e83ce43cc98ea98fe3c08f88fb3550352e40b8.bin
- Size
  
  2.6MB
- MD5
  
  8fb643cec025486e16b152936136f0f8
- SHA1
  
  3631351169178ab10f8f54e42bc34f7b26fa78d3
- SHA256
  
  715110b4e3b9c94c778add99b7e83ce43cc98ea98fe3c08f88fb3550352e40b8
- SHA512
  
  e14ab8f3a8f9ae1cb32c0d9cee6c3bed7e1ecf82c06aaa4916076d7a6546f7e89ea70766a833774e250c1cbc8b655de5013e2283a1e6604a392b750fc46552c9
- SSDEEP
  
  49152:XZxXcHiOVHClutTpQ4GDjrBh0EjUANcb8KEpQbSaqkj9LukQfUZNZeVDlzSWITbX:XZxXIlVinDjrBaEjUqcb8pQbSadukQfC
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence