General

  • Target

    902e9b686a4db8d80e2972be78a8d351_JaffaCakes118

  • Size

    2.6MB

  • Sample

    240603-cba93sgd94

  • MD5

    902e9b686a4db8d80e2972be78a8d351

  • SHA1

    5f03068e39ddf01ccbac9c014aa1a40facd3b85a

  • SHA256

    19cd4a8a379dda8824ed8e1951a7c94fdfc387f7e6cc4da884478c83062df066

  • SHA512

    002e9a5d8b8104d6297c713ff17e7c687d28d0d82ed1e4e0408e3f142588bc289e0ae163b696804c864f6f9aea3090f904e09429d72886918211a1488162463a

  • SSDEEP

    49152:E74Zy6GXTwMqAp9aN1yuKYYSTzOBqPnsiWesUBwmT870zFOeO3JeMB1g/kc:E74Zy6GXN9aH3KVSjPnsiWesQgC11MQV

Targets

    • Target

      902e9b686a4db8d80e2972be78a8d351_JaffaCakes118

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information that can indicate whether the system is an emulator.

    • Checks memory information

      Checks memory information that can indicate whether the system is an emulator.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Reads information about the phone network operator
