soumnibot | d261717413e4674c65ae7e9176757c2d2a5264da8017f10adcfb7f090bde53ca | Triage

Sharing

General

Target

d261717413e4674c65ae7e9176757c2d2a5264da8017f10adcfb7f090bde53ca.bin
Size

2.6MB
Sample

240621-ah38bstapg
MD5

9bd3c26f5acd942822985b71b013eb5b
SHA1

97a872ef553bef20f1ac5953c983e6650a9e6bd6
SHA256

d261717413e4674c65ae7e9176757c2d2a5264da8017f10adcfb7f090bde53ca
SHA512

dcd7acc837432cbccaadda57165df1ebf0416fa3df64d79389c6e9938977b3ddf39fd416044725db2bab9701e12e557a16d16fd002b2f8f4a5e072c7d6e3d95c
SSDEEP

49152:XZxQvcHiuOVHCluwTpQ4YDjrBh0EjAKjyZp3En19X7tp/cM2ob/p4QSOjccmo0xO:XZxQvI5OVicDjrBaEjgEnjX7rcM7SQSS

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  d261717413e4674c65ae7e9176757c2d2a5264da8017f10adcfb7f090bde53ca.bin
- Size
  
  2.6MB
- MD5
  
  9bd3c26f5acd942822985b71b013eb5b
- SHA1
  
  97a872ef553bef20f1ac5953c983e6650a9e6bd6
- SHA256
  
  d261717413e4674c65ae7e9176757c2d2a5264da8017f10adcfb7f090bde53ca
- SHA512
  
  dcd7acc837432cbccaadda57165df1ebf0416fa3df64d79389c6e9938977b3ddf39fd416044725db2bab9701e12e557a16d16fd002b2f8f4a5e072c7d6e3d95c
- SSDEEP
  
  49152:XZxQvcHiuOVHCluwTpQ4YDjrBh0EjAKjyZp3En19X7tp/cM2ob/p4QSOjccmo0xO:XZxQvI5OVicDjrBaEjgEnjX7rcM7SQSS
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence