General

  • Target

    994baec2cfe0477cd7ca8a1a1c2c4817_JaffaCakes118

  • Size

    11.4MB

  • Sample

    240605-z9343sag25

  • MD5

    994baec2cfe0477cd7ca8a1a1c2c4817

  • SHA1

    1c59a2945e50f1485d2d79fb720699565e991044

  • SHA256

    4ec28e96b91666c9621996f7a3534c2b8b505b834189468142f1638f96678210

  • SHA512

    2a3a8460e4e52e7fe74b73563af64aa55cf9c94094215a78a4d8860c5f1008bda3150d5feab64af7e305db20d501370bd55d0015a0e848bebe0a11ed38f9f80c

  • SSDEEP

    196608:geAvHX00VxsCjq+pkFWoG6S5uqNPBB8nzNfjvd/qemTo8z8QmXaK8K+W3og7ZZE3:geEoGjuqNgnVvp8WXau4+jE3

Targets

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
