General

  • Target

    a8520b91aa217b6a908a6fffd15a37c1_JaffaCakes118

  • Size

    19.5MB

  • Sample

    240614-g6mc2sybrc

  • MD5

    a8520b91aa217b6a908a6fffd15a37c1

  • SHA1

    2f179ef6c3457930c609a538edb14668e6f91774

  • SHA256

    88243d4133dd54c20da4e390f6f03f2290c6d68c360b1bff6da244ecdfbb18d9

  • SHA512

    fee848a0830c7c02865a13fbedc18ed32bbd905465f8c61901e7b19b4d5093e744432ba934f947d57f7d4724de545764672a8b0d634987010aae91f2dbd6c3a3

  • SSDEEP

    393216:4Hlh0hyHHHLz8H7XNitPFuPxCU14v4JT7OJAEO2hUY4+6DXhJOz+uyscfg:4F6hcHH8bdittOks4v4J/OJAEthr4zDY

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about the phone network operator

    • Listens for changes in the sensor environment (might be used to detect emulation)
