General

  • Target

    a2a266ffb5a880220d12f922e8ce4cb8_JaffaCakes118

  • Size

    854KB

  • Sample

    240612-14e1qssekh

  • MD5

    a2a266ffb5a880220d12f922e8ce4cb8

  • SHA1

    f778baf46d378b179f1d0117701484968a041772

  • SHA256

    01b4bb2cbc8ba422a630d49eee805a145688fec037cacb6bae66d633df52cc91

  • SHA512

    309f0b80bae415f4f01cce89b3507993a4af4b01c5a734b54a713c736c971ce283e89e7050efad01ed5b2648f6368f7afc457f3879d15f250eb8affbb00c5d79

  • SSDEEP

    12288:viECyuMTlBHvnQ0N0iSAiLh/aHMtWWi2pY3KMYP4pzS0kv7sdzNQx0HDnFgLLl2X:v5CojnVFxw9a92YqyzSvv7SzLDnFg3sX

Malware Config

Targets

    • Target

      a2a266ffb5a880220d12f922e8ce4cb8_JaffaCakes118

    • Size

      854KB

    • MD5

      a2a266ffb5a880220d12f922e8ce4cb8

    • SHA1

      f778baf46d378b179f1d0117701484968a041772

    • SHA256

      01b4bb2cbc8ba422a630d49eee805a145688fec037cacb6bae66d633df52cc91

    • SHA512

      309f0b80bae415f4f01cce89b3507993a4af4b01c5a734b54a713c736c971ce283e89e7050efad01ed5b2648f6368f7afc457f3879d15f250eb8affbb00c5d79

    • SSDEEP

      12288:viECyuMTlBHvnQ0N0iSAiLh/aHMtWWi2pY3KMYP4pzS0kv7sdzNQx0HDnFgLLl2X:v5CojnVFxw9a92YqyzSvv7SzLDnFg3sX

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of SMS inbox messages.

    • Reads the content of the SMS messages.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

MITRE ATT&CK Matrix

Tasks