General
-
Target
a4cf186b366af1716ecb5047469fba7c_JaffaCakes118
-
Size
6.6MB
-
Sample
240613-k8621swflr
-
MD5
a4cf186b366af1716ecb5047469fba7c
-
SHA1
595109604ee60ae30879c8b8ae557a7ebe2ae7d4
-
SHA256
87ba1ec9955a6593cc6967cee43a8fabd0f5b6ea1f2e2565a29a1fdce8a18311
-
SHA512
5b33fa04f47b2770d64ae9e93edc636f79a666f55a997bf29c755b4f14883952c37a17ca8a92834b9fefbf778e4759ed9bfe77e3856f5ed12c7774d0c568c0dc
-
SSDEEP
196608:vhKCBUtBtNYnrBI9xLycO5kfMsdr+MuFNJG:Va4ri9xLTO5kfMGrbaJG
Malware Config
Targets
-
-
Target
a4cf186b366af1716ecb5047469fba7c_JaffaCakes118
-
Size
6.6MB
-
MD5
a4cf186b366af1716ecb5047469fba7c
-
SHA1
595109604ee60ae30879c8b8ae557a7ebe2ae7d4
-
SHA256
87ba1ec9955a6593cc6967cee43a8fabd0f5b6ea1f2e2565a29a1fdce8a18311
-
SHA512
5b33fa04f47b2770d64ae9e93edc636f79a666f55a997bf29c755b4f14883952c37a17ca8a92834b9fefbf778e4759ed9bfe77e3856f5ed12c7774d0c568c0dc
-
SSDEEP
196608:vhKCBUtBtNYnrBI9xLycO5kfMsdr+MuFNJG:Va4ri9xLTO5kfMGrbaJG
Score8/10-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2