General

  • Target

    98123632453a06fdf5418df143ad8642_JaffaCakes118

  • Size

    13.6MB

  • Sample

    240605-nzf11sef31

  • MD5

    98123632453a06fdf5418df143ad8642

  • SHA1

    fded4c1873c24f29c9180847ed94dcab3f6afd4c

  • SHA256

    a36f7a3028a54e3edd5f670beb0835b36ed079240de2556a0bd11d8576f304c4

  • SHA512

    7507af18dd4cfbbf33328f03ecaefd752037fcd6fd98b8156640267794562dd69252192455d54c293490c63ce3cb09ffe220758f5b0d17243933542cffd29bf5

  • SSDEEP

    393216:DjuRKDhBE9lnXgkt0E3ApvHFl/i1F+CNGsvU:Djg8hO9lnXgk22AdHFlG5vU

Targets

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
