soumnibot | 8c1896d5cae8e34531ec1b6131d3d1b47c627c9f8cb44c23e5084cce32a182ae | Triage

Sharing

General

Target

8c1896d5cae8e34531ec1b6131d3d1b47c627c9f8cb44c23e5084cce32a182ae.bin
Size

4.2MB
Sample

240619-bg6gqsvfjn
MD5

6bd255cbbb21f0aa3427e21f936ba94c
SHA1

87e8437845c87c5ee376b61c0a68cf2d8951bbfa
SHA256

8c1896d5cae8e34531ec1b6131d3d1b47c627c9f8cb44c23e5084cce32a182ae
SHA512

f64f477293619e5c101e03dd65d8f176860d55c83b01fe3fd6eb189e6bbfed724bcd546c7d477d8f03601ca1e9e3d2b6997e4eeefa954e2eb703656660415528
SSDEEP

98304:g3HUeQpXlJPDYs9ctiCnE0BHTPxeSim5uen1+7b2kHm6OD:geDssStiuE0ZNHian1+qh

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  8c1896d5cae8e34531ec1b6131d3d1b47c627c9f8cb44c23e5084cce32a182ae.bin
- Size
  
  4.2MB
- MD5
  
  6bd255cbbb21f0aa3427e21f936ba94c
- SHA1
  
  87e8437845c87c5ee376b61c0a68cf2d8951bbfa
- SHA256
  
  8c1896d5cae8e34531ec1b6131d3d1b47c627c9f8cb44c23e5084cce32a182ae
- SHA512
  
  f64f477293619e5c101e03dd65d8f176860d55c83b01fe3fd6eb189e6bbfed724bcd546c7d477d8f03601ca1e9e3d2b6997e4eeefa954e2eb703656660415528
- SSDEEP
  
  98304:g3HUeQpXlJPDYs9ctiCnE0BHTPxeSim5uen1+7b2kHm6OD:geDssStiuE0ZNHian1+qh
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence