General

  • Target

    98371ddaabc05b7c0d739469c645edc0_JaffaCakes118

  • Size

    14.7MB

  • Sample

    240605-p31p9sgf87

  • MD5

    98371ddaabc05b7c0d739469c645edc0

  • SHA1

    25eb448807521079ef5e9a047b235fe74ba02adf

  • SHA256

    c016d88d31e575a67042c8d7f0974f933ae1701fa5091aa2066ca34f2b895415

  • SHA512

    ec4bf0262fa03e244b134062202e22faec5728399b80d421d25b660d0e1297ba333788ecc5623d784be4116609c4367015ff895ef517f02fb66ae5a38bed1e5d

  • SSDEEP

    393216:6jNkcNsZ/gJ5jgy63fddrcWn6Ug9z3To3k/X1Gd:6jNktjnddYMAbTpvM

Malware Config

Targets

    • Target

      98371ddaabc05b7c0d739469c645edc0_JaffaCakes118

    • Size

      14.7MB

    • MD5

      98371ddaabc05b7c0d739469c645edc0

    • SHA1

      25eb448807521079ef5e9a047b235fe74ba02adf

    • SHA256

      c016d88d31e575a67042c8d7f0974f933ae1701fa5091aa2066ca34f2b895415

    • SHA512

      ec4bf0262fa03e244b134062202e22faec5728399b80d421d25b660d0e1297ba333788ecc5623d784be4116609c4367015ff895ef517f02fb66ae5a38bed1e5d

    • SSDEEP

      393216:6jNkcNsZ/gJ5jgy63fddrcWn6Ug9z3To3k/X1Gd:6jNktjnddYMAbTpvM

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks