General
-
Target
6fb830bd4002ffda8461b4940692e412_JaffaCakes118
-
Size
17.7MB
-
Sample
240524-y2qncaaa55
-
MD5
6fb830bd4002ffda8461b4940692e412
-
SHA1
d928505ce3ff0417b497ceca446a7dee73a163c4
-
SHA256
35a4285fac00fd354674e12fd98380ec4cd9a23b15919185d00d1ca86c6cc558
-
SHA512
6c9b5a3d1442d8cf78d5ee0f44d759a2ab3435e6c2dd192d780b0d793e4e71441bb1dbda1b0e0ff1a162aa1831be7134ec304e5b4fc170a83a1f3402e0b2c5d0
-
SSDEEP
393216:pMx+TCmbI9+6r9eso9e53J9N/4kHM0k/R0nmP8UYccv1LYz87nb:pqhmbSjlo923J9N/VNo0mPPcvuz87nb
Malware Config
Targets
-
-
Target
6fb830bd4002ffda8461b4940692e412_JaffaCakes118
-
Size
17.7MB
-
MD5
6fb830bd4002ffda8461b4940692e412
-
SHA1
d928505ce3ff0417b497ceca446a7dee73a163c4
-
SHA256
35a4285fac00fd354674e12fd98380ec4cd9a23b15919185d00d1ca86c6cc558
-
SHA512
6c9b5a3d1442d8cf78d5ee0f44d759a2ab3435e6c2dd192d780b0d793e4e71441bb1dbda1b0e0ff1a162aa1831be7134ec304e5b4fc170a83a1f3402e0b2c5d0
-
SSDEEP
393216:pMx+TCmbI9+6r9eso9e53J9N/4kHM0k/R0nmP8UYccv1LYz87nb:pqhmbSjlo923J9N/VNo0mPPcvuz87nb
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-