General

  • Target

    99fbb17b37ca785f58d855472bf14441_JaffaCakes118

  • Size

    24.4MB

  • Sample

    240606-fd86nshg69

  • MD5

    99fbb17b37ca785f58d855472bf14441

  • SHA1

    f7c5f6c4df0f682ba635578a45340e464252ed03

  • SHA256

    785971bfe812f3abbf562824ab9aed04668cd529b386102518963f81bc166a48

  • SHA512

    bc734a5f3d236641a8012fabf92f9b97d15032ca209bb50bfc2ca3b6bea2467d32cf6c9c47399faaecdce5d68299b75a452aafd7ef06371d3dd444da8c11e7d6

  • SSDEEP

    393216:5Sl20pOZVu+EhkjB2FsXtsYlFTp6LMxPEcKWnxF37cJbcKucKj:5STOG+me2Fstblz6oMJ2

Malware Config

Targets

    • Target

      99fbb17b37ca785f58d855472bf14441_JaffaCakes118

    • Size

      24.4MB

    • MD5

      99fbb17b37ca785f58d855472bf14441

    • SHA1

      f7c5f6c4df0f682ba635578a45340e464252ed03

    • SHA256

      785971bfe812f3abbf562824ab9aed04668cd529b386102518963f81bc166a48

    • SHA512

      bc734a5f3d236641a8012fabf92f9b97d15032ca209bb50bfc2ca3b6bea2467d32cf6c9c47399faaecdce5d68299b75a452aafd7ef06371d3dd444da8c11e7d6

    • SSDEEP

      393216:5Sl20pOZVu+EhkjB2FsXtsYlFTp6LMxPEcKWnxF37cJbcKucKj:5STOG+me2Fstblz6oMJ2

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks