soumnibot | 652e821b52893d6f9ac0b01f9337738b85250c4dc2453f58d5f77e4e1d49ecf6 | Triage

Sharing

General

Target

652e821b52893d6f9ac0b01f9337738b85250c4dc2453f58d5f77e4e1d49ecf6.bin
Size

3.1MB
Sample

240718-11yzfasarc
MD5

748dfac75c6aac885e115672b0afb428
SHA1

6c1b99d1994e67bace362b5f3fdb6cb05e4ab0b2
SHA256

652e821b52893d6f9ac0b01f9337738b85250c4dc2453f58d5f77e4e1d49ecf6
SHA512

b55a0413bd99c512aaa8ca02b738a957679292687ffa25fa78279eefb863e2cd885c2dea8425ebc4e2af00b8c274561efb6c6bc985e88471db82ce8388fdae30
SSDEEP

49152:VE1EjME/JfaTpQ4hDjrBHtldrxl7r3+zYdq/eMJ41tpK10yDCBoAez1SlygKLy:gEjME/MDjrBxrxl7r3FU/eMJWpF6/vG

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  652e821b52893d6f9ac0b01f9337738b85250c4dc2453f58d5f77e4e1d49ecf6.bin
- Size
  
  3.1MB
- MD5
  
  748dfac75c6aac885e115672b0afb428
- SHA1
  
  6c1b99d1994e67bace362b5f3fdb6cb05e4ab0b2
- SHA256
  
  652e821b52893d6f9ac0b01f9337738b85250c4dc2453f58d5f77e4e1d49ecf6
- SHA512
  
  b55a0413bd99c512aaa8ca02b738a957679292687ffa25fa78279eefb863e2cd885c2dea8425ebc4e2af00b8c274561efb6c6bc985e88471db82ce8388fdae30
- SSDEEP
  
  49152:VE1EjME/JfaTpQ4hDjrBHtldrxl7r3+zYdq/eMJ41tpK10yDCBoAez1SlygKLy:gEjME/MDjrBxrxl7r3FU/eMJWpF6/vG
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence