soumnibot | ae1e42d7d5c0f691e8817063c21bdcae6b532438baf7d319b6fd184c144b9977 | Triage

Sharing

General

Target

ae1e42d7d5c0f691e8817063c21bdcae6b532438baf7d319b6fd184c144b9977.bin
Size

2.6MB
Sample

240912-11774syarc
MD5

86cc1db7566117ff9920c17113a70f5b
SHA1

a7fda01e742159a1c96ad7835e5c00bac8664536
SHA256

ae1e42d7d5c0f691e8817063c21bdcae6b532438baf7d319b6fd184c144b9977
SHA512

a01cee7ee1a78270b56cb3f5d79862a72218f4069863f35461540aa638640ef655d6a6ab18de5554c2781a2673cffb3e9a482d4318807e3df92ccee26b8fe2ff
SSDEEP

49152:XZxPo+cHiuOVHCluVTpQ4NDjrBh0EjQfuKLyBcrr9TMPuNmDiWimUXMUywZF:XZxPo+I5OVisDjrBaEjQWeyBCTM2NmDK

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  ae1e42d7d5c0f691e8817063c21bdcae6b532438baf7d319b6fd184c144b9977.bin
- Size
  
  2.6MB
- MD5
  
  86cc1db7566117ff9920c17113a70f5b
- SHA1
  
  a7fda01e742159a1c96ad7835e5c00bac8664536
- SHA256
  
  ae1e42d7d5c0f691e8817063c21bdcae6b532438baf7d319b6fd184c144b9977
- SHA512
  
  a01cee7ee1a78270b56cb3f5d79862a72218f4069863f35461540aa638640ef655d6a6ab18de5554c2781a2673cffb3e9a482d4318807e3df92ccee26b8fe2ff
- SSDEEP
  
  49152:XZxPo+cHiuOVHCluVTpQ4NDjrBh0EjQfuKLyBcrr9TMPuNmDiWimUXMUywZF:XZxPo+I5OVisDjrBaEjQWeyBCTM2NmDK
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence