soumnibot | fa2b9a5ffb90f0ef7dba72bde9c97a85b34f99a8875387483d8b9dc4a768df46 | Triage

Sharing

General

Target

fa2b9a5ffb90f0ef7dba72bde9c97a85b34f99a8875387483d8b9dc4a768df46.bin
Size

4.8MB
Sample

240801-12ft9aydlm
MD5

263282ae6bb9e3f5a0202b896f231506
SHA1

ce953a6cb0baf40454be94257e5f61ff8935c5fb
SHA256

fa2b9a5ffb90f0ef7dba72bde9c97a85b34f99a8875387483d8b9dc4a768df46
SHA512

0776e5672b97f87a707952cc56008f6ad78888b45e30a542b9332b24076bebb402492924bfe1227629c73248b167449e7a9a8e5069a6621242b9ef54a54b459c
SSDEEP

98304:10YlVjrBbQMO8O2KGUJEeVa5loxWL6NCQ7Srlb28E2IH:aYlkn2sVFxOQ2NE2IH

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  fa2b9a5ffb90f0ef7dba72bde9c97a85b34f99a8875387483d8b9dc4a768df46.bin
- Size
  
  4.8MB
- MD5
  
  263282ae6bb9e3f5a0202b896f231506
- SHA1
  
  ce953a6cb0baf40454be94257e5f61ff8935c5fb
- SHA256
  
  fa2b9a5ffb90f0ef7dba72bde9c97a85b34f99a8875387483d8b9dc4a768df46
- SHA512
  
  0776e5672b97f87a707952cc56008f6ad78888b45e30a542b9332b24076bebb402492924bfe1227629c73248b167449e7a9a8e5069a6621242b9ef54a54b459c
- SSDEEP
  
  98304:10YlVjrBbQMO8O2KGUJEeVa5loxWL6NCQ7Srlb28E2IH:aYlkn2sVFxOQ2NE2IH
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence