7651c5ab6864ab4357926f207455af713d38227da512b06a47bd50ea3da6e1b2

General

Target

6d70fe50070dc1f08415b602c80a0068_JaffaCakes118
Size

21.2MB
Sample

240524-fxa3zseg6y
MD5

6d70fe50070dc1f08415b602c80a0068
SHA1

baea5bea537683fe1a4520faac8feda156066ddc
SHA256

7651c5ab6864ab4357926f207455af713d38227da512b06a47bd50ea3da6e1b2
SHA512

b1f64d02e7ec1dac477f864c16cf378e1551c1ad73b9b25556c856edfeb081a88bf1e27d0b0adb93998273515a259e0a6bd0a1d9686fa78bef37c161383cc065
SSDEEP

393216:ecqxG/A6qlDeL15HKxepsidzd/7QBDnBMdxYbJMHlRJbbXz9+GYitK9LZ7gftYMM:eL4/lqlCLbHKyZlQnBMdx3SitKtZUFpM

Score

8^/10

Malware Config

Targets

- Target
  
  6d70fe50070dc1f08415b602c80a0068_JaffaCakes118
- Size
  
  21.2MB
- MD5
  
  6d70fe50070dc1f08415b602c80a0068
- SHA1
  
  baea5bea537683fe1a4520faac8feda156066ddc
- SHA256
  
  7651c5ab6864ab4357926f207455af713d38227da512b06a47bd50ea3da6e1b2
- SHA512
  
  b1f64d02e7ec1dac477f864c16cf378e1551c1ad73b9b25556c856edfeb081a88bf1e27d0b0adb93998273515a259e0a6bd0a1d9686fa78bef37c161383cc065
- SSDEEP
  
  393216:ecqxG/A6qlDeL15HKxepsidzd/7QBDnBMdxYbJMHlRJbbXz9+GYitK9LZ7gftYMM:eL4/lqlCLbHKyZlQnBMdx3SitKtZUFpM
Score

8^/10

collection discovery evasion persistence
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  TenpayService.apk
- Size
  
  399KB
- MD5
  
  10b4d789022126e4589dd34b7fe11a67
- SHA1
  
  a0bedf14d71fc816499430dfa79db031be08eb39
- SHA256
  
  7ef6e3a5e031c1aead31bbf9894dcb60b2e933f70e4bd4a64bb4d21276124dd5
- SHA512
  
  fe9ba10edecd7513ad61b7083fd3fb416f1e6bf3c8e6e1a7eec6732b50511fefa2d98c453dd1ca09b93df0137f0c45afc08aff58596e917b9525f65a1dc600f1
- SSDEEP
  
  6144:prPstiZvbtrEsy7vpESAZEXoGaSp9HYFGD0Wk6fc6cnCvsrVnEvSM6Y6:NPstiFVEs+vtGE4kp9rYR6hmwWVQ67
Score

1^/10
behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Requests cell location

Checks CPU information

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Checks if the internet connection is available

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2