soumnibot | 428ff7f4bdf625e57358056ae2521f60b9ebe86ce73669bfc06d1d501f30846d | Triage

Sharing

General

Target

428ff7f4bdf625e57358056ae2521f60b9ebe86ce73669bfc06d1d501f30846d.bin
Size

2.6MB
Sample

241113-12hzls1ajn
MD5

c7da92f29fdcc837c30ff8d13171bdb1
SHA1

d4422ddf9147885c2a2fe7e3bff48f4cae741dc4
SHA256

428ff7f4bdf625e57358056ae2521f60b9ebe86ce73669bfc06d1d501f30846d
SHA512

57c4bb22a03795703ee5aa71895f564d533ab6afa4bcedbfb2086b390e7b8dc78673f84b06303dfdd926b95131249824895457589a255094b7ad03600dd4e796
SSDEEP

49152:XZxWrcHiuOVHClumTpQ4IDjrBh0Ejb1RwP7UJiZd20P9kWoZ9d6pX5k/yZV:XZxWrI5OVi+DjrBaEjb1C7ZI0P9kWoIH

Score

10^/10

soumnibot android discovery evasion persistence

Malware Config

Targets

- Target
  
  428ff7f4bdf625e57358056ae2521f60b9ebe86ce73669bfc06d1d501f30846d.bin
- Size
  
  2.6MB
- MD5
  
  c7da92f29fdcc837c30ff8d13171bdb1
- SHA1
  
  d4422ddf9147885c2a2fe7e3bff48f4cae741dc4
- SHA256
  
  428ff7f4bdf625e57358056ae2521f60b9ebe86ce73669bfc06d1d501f30846d
- SHA512
  
  57c4bb22a03795703ee5aa71895f564d533ab6afa4bcedbfb2086b390e7b8dc78673f84b06303dfdd926b95131249824895457589a255094b7ad03600dd4e796
- SSDEEP
  
  49152:XZxWrcHiuOVHClumTpQ4IDjrBh0Ejb1RwP7UJiZd20P9kWoZ9d6pX5k/yZV:XZxWrI5OVi+DjrBaEjb1C7ZI0P9kWoIH
Score

6^/10

discovery evasion persistence
- Acquires the wake lock
- Queries information about active data network
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence