soumnibot | 8e9dbd69a862ccd2cf748e010f7f87a906ec0fa31968a6c69f2e57c1229db74c | Triage

Sharing

General

Target

8e9dbd69a862ccd2cf748e010f7f87a906ec0fa31968a6c69f2e57c1229db74c.bin
Size

2.6MB
Sample

240909-1ywrasvbld
MD5

01c26723742847518cea95f040c69bf7
SHA1

b210590b58aed1950bcfd5e66673c3690ac9620f
SHA256

8e9dbd69a862ccd2cf748e010f7f87a906ec0fa31968a6c69f2e57c1229db74c
SHA512

ee2a08c2107e68b11204eeebc9612894cec008f36408c49aedbc52149b29f5a9178f88f5fbde4e98530e83ea865912aa6981a7c1522c7bed011a278b84283f95
SSDEEP

49152:XZxdEcYcHiOVHCluLTpQ4CDjrB90EjL/heLeyU+FA/s+CPJ6qO7fR:XZxKcYIlVilDjrBmEjL/MLVvA/7u2

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  8e9dbd69a862ccd2cf748e010f7f87a906ec0fa31968a6c69f2e57c1229db74c.bin
- Size
  
  2.6MB
- MD5
  
  01c26723742847518cea95f040c69bf7
- SHA1
  
  b210590b58aed1950bcfd5e66673c3690ac9620f
- SHA256
  
  8e9dbd69a862ccd2cf748e010f7f87a906ec0fa31968a6c69f2e57c1229db74c
- SHA512
  
  ee2a08c2107e68b11204eeebc9612894cec008f36408c49aedbc52149b29f5a9178f88f5fbde4e98530e83ea865912aa6981a7c1522c7bed011a278b84283f95
- SSDEEP
  
  49152:XZxdEcYcHiOVHCluLTpQ4CDjrB90EjL/heLeyU+FA/s+CPJ6qO7fR:XZxKcYIlVilDjrBmEjL/MLVvA/7u2
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence