soumnibot | f7f263df801aae9e10506bccbda155d911131382ba93e7925dc987eb204d7478 | Triage

Sharing

General

Target

f7f263df801aae9e10506bccbda155d911131382ba93e7925dc987eb204d7478.bin
Size

2.6MB
Sample

240811-169ccs1elp
MD5

b15308050b2268034db7b94f7a2500bc
SHA1

ce49d757ca2c49c2191620e7def8be85aba786f1
SHA256

f7f263df801aae9e10506bccbda155d911131382ba93e7925dc987eb204d7478
SHA512

887f6a95e98706a2eb580b95b940e440587122c9758b9b7efab23338ed2364ea64ce8c982bf5ead356576338d47e20a946eaae41b8df645ae2f67fc58fac5cc2
SSDEEP

49152:XZxncHiOVHCluyTpQ4/DjrBh0EjMMac8y78er4PZH8GaKW5qoziBP/fmD3+/MJ:XZxnIlViJDjrBaEjMMac8yJOZcoWhzKC

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  f7f263df801aae9e10506bccbda155d911131382ba93e7925dc987eb204d7478.bin
- Size
  
  2.6MB
- MD5
  
  b15308050b2268034db7b94f7a2500bc
- SHA1
  
  ce49d757ca2c49c2191620e7def8be85aba786f1
- SHA256
  
  f7f263df801aae9e10506bccbda155d911131382ba93e7925dc987eb204d7478
- SHA512
  
  887f6a95e98706a2eb580b95b940e440587122c9758b9b7efab23338ed2364ea64ce8c982bf5ead356576338d47e20a946eaae41b8df645ae2f67fc58fac5cc2
- SSDEEP
  
  49152:XZxncHiOVHCluyTpQ4/DjrBh0EjMMac8y78er4PZH8GaKW5qoziBP/fmD3+/MJ:XZxnIlViJDjrBaEjMMac8yJOZcoWhzKC
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence