soumnibot | 4fdf972e47f1fabbcbc87d073d7be70b7bd27136b7507ea20bd1050a5ae5394b | Triage

Sharing

General

Target

4fdf972e47f1fabbcbc87d073d7be70b7bd27136b7507ea20bd1050a5ae5394b.bin
Size

2.8MB
Sample

240906-1w89lszepj
MD5

7cb5ca3ae469a33d72209bdae69cf7d4
SHA1

9d47b6f38273e7c02f5dbc281a30979f353c84a9
SHA256

4fdf972e47f1fabbcbc87d073d7be70b7bd27136b7507ea20bd1050a5ae5394b
SHA512

8b978bdfa63efec9b586ccb5224c249cfaabd033c43d1cb9cfd560ff7d697375153bed168b6bf4d8a9158b7ed446f1f5be59c6e029e22a992f6a5a409fee89ce
SSDEEP

49152:XZxvcHiKBfQG0UTpQ4rUjrB/0Ej/AZM7TayG12XFZDZS/tyCJYIiEjER9hH42rpU:XZxvIFBIcUjrBcEjFuT12XFrS/QC6Iie

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  4fdf972e47f1fabbcbc87d073d7be70b7bd27136b7507ea20bd1050a5ae5394b.bin
- Size
  
  2.8MB
- MD5
  
  7cb5ca3ae469a33d72209bdae69cf7d4
- SHA1
  
  9d47b6f38273e7c02f5dbc281a30979f353c84a9
- SHA256
  
  4fdf972e47f1fabbcbc87d073d7be70b7bd27136b7507ea20bd1050a5ae5394b
- SHA512
  
  8b978bdfa63efec9b586ccb5224c249cfaabd033c43d1cb9cfd560ff7d697375153bed168b6bf4d8a9158b7ed446f1f5be59c6e029e22a992f6a5a409fee89ce
- SSDEEP
  
  49152:XZxvcHiKBfQG0UTpQ4rUjrB/0Ej/AZM7TayG12XFZDZS/tyCJYIiEjER9hH42rpU:XZxvIFBIcUjrBcEjFuT12XFrS/QC6Iie
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence