General
-
Target
8f26478b0be3bff11b0044eb3972ff56_JaffaCakes118
-
Size
13.7MB
-
Sample
240602-x39beacc2z
-
MD5
8f26478b0be3bff11b0044eb3972ff56
-
SHA1
8a728e061434a50bb59388fcfef8784caea0d744
-
SHA256
2fd8269ddb71c8c748926d83cee1a0a63bb01a76af63915430a73711dc8f78cc
-
SHA512
c1d78c0173dcaaae0ca1e3dfe2018454b6bfb1fadbf5e0b56bf7fdebfccb6a44613e2a03eba3919649d67a59091f2127d4d75f0f9c17750fbae8659d1433fe3c
-
SSDEEP
393216:AzQheW3kNd2VDIxIPmFFTJ2FfIviHI+WIviHBJPnSyYM:aQheW3k8DpAF0GUI+3ULSxM
Malware Config
Targets
-
-
Target
8f26478b0be3bff11b0044eb3972ff56_JaffaCakes118
-
Size
13.7MB
-
MD5
8f26478b0be3bff11b0044eb3972ff56
-
SHA1
8a728e061434a50bb59388fcfef8784caea0d744
-
SHA256
2fd8269ddb71c8c748926d83cee1a0a63bb01a76af63915430a73711dc8f78cc
-
SHA512
c1d78c0173dcaaae0ca1e3dfe2018454b6bfb1fadbf5e0b56bf7fdebfccb6a44613e2a03eba3919649d67a59091f2127d4d75f0f9c17750fbae8659d1433fe3c
-
SSDEEP
393216:AzQheW3kNd2VDIxIPmFFTJ2FfIviHI+WIviHBJPnSyYM:aQheW3k8DpAF0GUI+3ULSxM
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1