General

  • Target

    a958cfe4e3ade05305ff11c3dcc92759_JaffaCakes118

  • Size

    11.0MB

  • Sample

    240614-m7e81s1hkm

  • MD5

    a958cfe4e3ade05305ff11c3dcc92759

  • SHA1

    db645ea768309ca762cb3ce5e3b08584134dcdd0

  • SHA256

    0ee5378489f067b0f0575d5f9450691c4ce855628ca1a93c3a4186234aa742a7

  • SHA512

    21530cd5e5f492590d3eb6a54de6e1abd12ad4f65ff49185bfe96570fcd41468364ce6979b495ad46a7229e5b354900a805074c1270877ab487f9091737ef734

  • SSDEEP

    196608:fE/uxVlEvuk8PumISgv4aP3BPX8Ny2acwFqsKJclsKLWue4jsO/TMX:fbbaldSQ4avBPX8NyudsuBgze4jsO/TQ

Targets

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the mobile country code (MCC)
