soumnibot | e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6[.]bin

General

Target

e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6.bin
Size

2.5MB
MD5

09a3cd65189b7ab4efce63bb626f6da3
SHA1

181b84a754fd545fc4ea15920f8027198fe17187
SHA256

e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6
SHA512

5d43351a756022b0963962dfbe705b0037b17a1d24b075856d0896186036f8d27e4e7c283d74247afbc5954caec7d666565cabbc132eb6487ebaf2c584d76fb9
SSDEEP

49152:6JWu0iLqnzJgX3gP7yCCnt/2MZnz1HIaGQdEeF8ZruaFDABfHZgZ:6c5zVzyxt/2snz2pQdpKZIH+Z

Score

10^/10

soumnibot

Malware Config

Signatures

Android SoumniBot payload 1 IoCs

resource	yara_rule
sample	family_soumnibot

Soumnibot family
soumnibot

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows applications to use exact alarm APIs.	android.permission.SCHEDULE_EXACT_ALARM

Files

e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6.bin
.apk android arch:arm64

com.kero.slimming

com.kero.slimming.ui.SplashActivity

Activities

com.kero.slimming.ui.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.QUERY_ALL_PACKAGES
android.permission.SCHEDULE_EXACT_ALARM

Receivers

com.kero.slimming.receiver.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.PACKAGE_ADDED

com.kero.slimming.receiver.AlarmReceiver

android.intent.action.MAIN

Services

Android Permissions

e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6.bin

Permissions

android.permission.READ_SMS

android.permission.SEND_SMS

android.permission.READ_CONTACTS

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.QUERY_ALL_PACKAGES

android.permission.SCHEDULE_EXACT_ALARM

Sharing

General

Malware Config

Signatures

Files

com.kero.slimming

com.kero.slimming.ui.SplashActivity

Activities

com.kero.slimming.ui.SplashActivity

Permissions

Receivers

com.kero.slimming.receiver.BootReceiver

com.kero.slimming.receiver.AlarmReceiver

Services

Android Permissions

e1d70c21d0371a2ea33e76d0f8ad29b33b28583950b92e9be99b80ece4fe1eb6.bin

We care about your privacy.