soumnibot | 80e4e816e1b0236e8b431b6586768e0a2be741a45850435575f9f30925a1adc8 | Triage

Sharing

General

Target

80e4e816e1b0236e8b431b6586768e0a2be741a45850435575f9f30925a1adc8.bin
Size

4.0MB
Sample

241012-1x6j4sxhkn
MD5

e8eedd5a5377a2f4f59bdb586042c508
SHA1

b9a11a3ef9517e8670538a1cf036bbe020961f5a
SHA256

80e4e816e1b0236e8b431b6586768e0a2be741a45850435575f9f30925a1adc8
SHA512

1402fe6abe3d39fd961866a90bafa16de8765582039ddc50f19dd8a922bc4e7c859e85c1bd33886e930e7d7bf877f0179a440991d5c91034103c430c0b352a4e
SSDEEP

98304:2qYg6sA2kZye3PgcE39b2gQlmLDOLqSm3nEPF1ljrro:25nsnkQy3lmLDOLq92F1e

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  80e4e816e1b0236e8b431b6586768e0a2be741a45850435575f9f30925a1adc8.bin
- Size
  
  4.0MB
- MD5
  
  e8eedd5a5377a2f4f59bdb586042c508
- SHA1
  
  b9a11a3ef9517e8670538a1cf036bbe020961f5a
- SHA256
  
  80e4e816e1b0236e8b431b6586768e0a2be741a45850435575f9f30925a1adc8
- SHA512
  
  1402fe6abe3d39fd961866a90bafa16de8765582039ddc50f19dd8a922bc4e7c859e85c1bd33886e930e7d7bf877f0179a440991d5c91034103c430c0b352a4e
- SSDEEP
  
  98304:2qYg6sA2kZye3PgcE39b2gQlmLDOLqSm3nEPF1ljrro:25nsnkQy3lmLDOLq92F1e
Score

6^/10

discovery evasion persistence
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasion