General
-
Target
9af4b4a1816ee8f9e39a217527637b6b_JaffaCakes118
-
Size
1.3MB
-
Sample
240610-rmn3mszbkq
-
MD5
9af4b4a1816ee8f9e39a217527637b6b
-
SHA1
e68c0c92694361532b5ed5e02f75dbc137821bc8
-
SHA256
e2fc76d0382a2dec03454d425b5848e1111a554273757f207efedd5137a92d62
-
SHA512
7c09989904e059c81baba1028d583a10a7bc0e20e8bd9dbad668f2d13053038d0ad010c08bdbb7bb670706710f24f9b80d0bb8472ce064f80c218e884877c6b5
-
SSDEEP
24576:foL0otaYtXMZMdc7T61VaxP5PFA1rypz/o+soj0fAq/13tdHbZKm51Ob83R:gQ7YtZcX61icdyZDZj0fAq/1XHNKmjbh
Malware Config
Targets
-
-
Target
9af4b4a1816ee8f9e39a217527637b6b_JaffaCakes118
-
Size
1.3MB
-
MD5
9af4b4a1816ee8f9e39a217527637b6b
-
SHA1
e68c0c92694361532b5ed5e02f75dbc137821bc8
-
SHA256
e2fc76d0382a2dec03454d425b5848e1111a554273757f207efedd5137a92d62
-
SHA512
7c09989904e059c81baba1028d583a10a7bc0e20e8bd9dbad668f2d13053038d0ad010c08bdbb7bb670706710f24f9b80d0bb8472ce064f80c218e884877c6b5
-
SSDEEP
24576:foL0otaYtXMZMdc7T61VaxP5PFA1rypz/o+soj0fAq/13tdHbZKm51Ob83R:gQ7YtZcX61icdyZDZj0fAq/1XHNKmjbh
Score8/10-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-