General

  • Target

    a8861f86a1391623596957e2219dd4e5_JaffaCakes118

  • Size

    24.8MB

  • Sample

    240614-jaflqstern

  • MD5

    a8861f86a1391623596957e2219dd4e5

  • SHA1

    06c4a1d0bf492ee071538693def3838865143355

  • SHA256

    9adb41e9efb686bd5fabe8958cbc5c58b94912472cb2c40e35f19b025b6b15a0

  • SHA512

    60432649f349be6d9accd108a184ab72cf722244111199e7339377d85662c39e6d479114dfee1b0812e93aae71139fed80c832fd9f607cf85415ae5620b03920

  • SSDEEP

    786432:ccNc9UNEPQ/ap24rWkr9msyCs7RMwb/jpq7IvMoNz:c+QKapnS2KCIZbFq7Ib

Targets

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
