051d1f874f42ea0530e89289721d60ebbe3c7ab877f10f221c95d992d69598f1 | Triage

Sharing

General

Target

a7354601ba0cdfa1f3e073bcb46623cb_JaffaCakes118
Size

4.4MB
Sample

240613-3z2eaawfpc
MD5

a7354601ba0cdfa1f3e073bcb46623cb
SHA1

e69830bca43b3a739bf8bdb29a024521d511f46b
SHA256

051d1f874f42ea0530e89289721d60ebbe3c7ab877f10f221c95d992d69598f1
SHA512

ba20c13d38dff6f142e0072faf737b32c21c7ee4941a2f3c8e3f985bc68f9f51ce9af18e3edcf02b7bcc133d2167e8af9cbb19b9da1b0123d0e14b73ef7f8af7
SSDEEP

98304:RTNcmlyr5Bh29RDLxKzFcPWY2DncsQ15zPjlUctVPY:5Ncmlyr5BhERDoBvosQ1ZP5vY

Score

6^/10

android discovery

Malware Config

Targets

- Target
  
  a7354601ba0cdfa1f3e073bcb46623cb_JaffaCakes118
- Size
  
  4.4MB
- MD5
  
  a7354601ba0cdfa1f3e073bcb46623cb
- SHA1
  
  e69830bca43b3a739bf8bdb29a024521d511f46b
- SHA256
  
  051d1f874f42ea0530e89289721d60ebbe3c7ab877f10f221c95d992d69598f1
- SHA512
  
  ba20c13d38dff6f142e0072faf737b32c21c7ee4941a2f3c8e3f985bc68f9f51ce9af18e3edcf02b7bcc133d2167e8af9cbb19b9da1b0123d0e14b73ef7f8af7
- SSDEEP
  
  98304:RTNcmlyr5Bh29RDLxKzFcPWY2DncsQ15zPjlUctVPY:5Ncmlyr5BhERDoBvosQ1ZP5vY
Score

6^/10

discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2