General

  • Target

    954f3a76ab15b0f27d675e1698df5294_JaffaCakes118

  • Size

    23.7MB

  • Sample

    240604-sjxfaabb5t

  • MD5

    954f3a76ab15b0f27d675e1698df5294

  • SHA1

    9c43234d90fbe7390bd541f65d2a6d0c252f0e05

  • SHA256

    577fb3f44cb0cda537fa27ac8d78613d0b322e77edee57676e37089fc505b729

  • SHA512

    587fcf126aa2a26c31d7d9ff20b76eb2a003c20354054ee34db368c9fbf7eeacc672c86add991aae594d2cf5740b3a095a7d94ba861e846bbe3fe22858011f5d

  • SSDEEP

    393216:brRMolejxKv0rGRlCp1pnb2XghcmTtyFHIfP6HTQTlTdVcD/mjosGwvCMkhgVuC3:RMoEjI0QO1Rb2X1mhvSHTclTdVhdJvgo

Targets

    • Target

      954f3a76ab15b0f27d675e1698df5294_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Checks the presence of a debugger
