General
-
Target
ac06ac51bd1bfd4f5f8ca222de472eaa_JaffaCakes118
-
Size
13.1MB
-
Sample
240614-3lnw2a1bph
-
MD5
ac06ac51bd1bfd4f5f8ca222de472eaa
-
SHA1
96e7473e851ea6f1f14a8e3d94ecf19a21b722f9
-
SHA256
ef14515a680274a93777d2477e60a5672e827fcfb61327ab0eefdc655549172f
-
SHA512
f0848234af90aa059dad79f76828c95cd090c6b01311c4f38f877f08c5e01eef2e599fb623b38ddb5c984baff13cdd67f73dfbbc3ff006e00a4e2aa66f676e59
-
SSDEEP
196608:+HT20WCCSaccLiV4JO+erAlfMgTZbXaFyxpUtVUnoI/vo8iLVn1QCPMcJHObOYnb:WBWiavGV4wXh+ZbqFyvUI148kVNpuhb
Malware Config
Targets
-
-
Target
ac06ac51bd1bfd4f5f8ca222de472eaa_JaffaCakes118
-
Size
13.1MB
-
MD5
ac06ac51bd1bfd4f5f8ca222de472eaa
-
SHA1
96e7473e851ea6f1f14a8e3d94ecf19a21b722f9
-
SHA256
ef14515a680274a93777d2477e60a5672e827fcfb61327ab0eefdc655549172f
-
SHA512
f0848234af90aa059dad79f76828c95cd090c6b01311c4f38f877f08c5e01eef2e599fb623b38ddb5c984baff13cdd67f73dfbbc3ff006e00a4e2aa66f676e59
-
SSDEEP
196608:+HT20WCCSaccLiV4JO+erAlfMgTZbXaFyxpUtVUnoI/vo8iLVn1QCPMcJHObOYnb:WBWiavGV4wXh+ZbqFyvUI148kVNpuhb
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1