9608cc361b5b46a51f315bacfc959d2e3b8b9290669e2627d28326c30ac27f30

General

Target

6e7d07d39d6cec8b94c1554612fe7348_JaffaCakes118
Size

26.1MB
Sample

240524-pfnr7aae7t
MD5

6e7d07d39d6cec8b94c1554612fe7348
SHA1

440d643a6230a6e4029d81273f88da7fcc4f45b9
SHA256

9608cc361b5b46a51f315bacfc959d2e3b8b9290669e2627d28326c30ac27f30
SHA512

35c1225f93718b5a179e2510fa8231a3ace4ec7715e106a522414a17aaf77d457eeae78fe76da6664dd3ac25f63baedf727bcc0a18177e1df45c153dc212c91b
SSDEEP

786432:55Jc6nsTFdASRMZk1qok6PAP5d5/wTX/iXqh:pcbdASRoh5d5wTV

Score

8^/10

Malware Config

Targets

- Target
  
  6e7d07d39d6cec8b94c1554612fe7348_JaffaCakes118
- Size
  
  26.1MB
- MD5
  
  6e7d07d39d6cec8b94c1554612fe7348
- SHA1
  
  440d643a6230a6e4029d81273f88da7fcc4f45b9
- SHA256
  
  9608cc361b5b46a51f315bacfc959d2e3b8b9290669e2627d28326c30ac27f30
- SHA512
  
  35c1225f93718b5a179e2510fa8231a3ace4ec7715e106a522414a17aaf77d457eeae78fe76da6664dd3ac25f63baedf727bcc0a18177e1df45c153dc212c91b
- SSDEEP
  
  786432:55Jc6nsTFdASRMZk1qok6PAP5d5/wTX/iXqh:pcbdASRoh5d5wTV
Score

8^/10

collection discovery evasion impact persistence
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2
- Target
  
  autonavi_Resource1_1_0.png
- Size
  
  318KB
- MD5
  
  ba63c2effb3dc142c4741a94b11a0b8e
- SHA1
  
  836c9a2ea7113003fd4bcc9af3bfb1f77b36a568
- SHA256
  
  1ddc70654b3299ccd2d59a7b9d0b687eb59d3c3db524a4b7ba5f7e572ef56377
- SHA512
  
  c633c9e0fcad129ba2aa5279e4cff96a6520f51b6f5240ab6a06f9b8ef85541746cabce4836ed57cfa43b1d0412b6d099fa9a75904157de4225bed7f661ec5c0
- SSDEEP
  
  6144:RpoNJGrdQSHWEGSLHBRzu6qCpLWb0P2tC78/DYDGyXGMlXY4Q6w0:RpoNJGhvhlzu6qIP2tyzGyXGMlo4Q6w0
Score

1^/10
behavioral3 behavioral4 behavioral5

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Requests cell location

Checks CPU information

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5