General

  • Target

    a2c9295fde6f7d9440de7524294597f4_JaffaCakes118

  • Size

    12.6MB

  • Sample

    240612-2sh4paxerj

  • MD5

    a2c9295fde6f7d9440de7524294597f4

  • SHA1

    b6a83b93b60f8dd63f4cd1ede2214666f8ed8bb9

  • SHA256

    8ff5ca4f1d7f66597aa91d9beeaa70be8dc444b2a6b6b4f6258d5168224c33a3

  • SHA512

    8dfc39857e62b3c9734f1eeffdf38e91b8617979e629bc33099c1a47d43af7c8d082a080809ea9280a5f0c05c7fe239b1d9864ff357f61c1e07e8d4e4fd820fb

  • SSDEEP

    196608:jW+qlKAAKY8DnVyhWCb2OTKP8uRSXSee3RC4/bIGt92ALgTc8amD/9NBHF:jtqrAKnG3WP8tpCCGk09RYcxI/H

Targets

    • Target

      a2c9295fde6f7d9440de7524294597f4_JaffaCakes118

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
