General

  • Target

    a94752b32fa6b91f086962cc2ef04e13_JaffaCakes118

  • Size

    7.7MB

  • Sample

    240614-mwq65s1dpn

  • MD5

    a94752b32fa6b91f086962cc2ef04e13

  • SHA1

    84cb7bf68d6625fe905e765c08188bb5fb3fd14b

  • SHA256

    5032ec077ecbd5d9d95eedfe235d2af0c38bd49e41a175a65eae588abe392e80

  • SHA512

    25ba0acfaadd5f1c7f6fc79c93a9bfdcb6f1c2f18a43cd22beac85ed8b67cf133823f9a60f7ee4e204ba86ec068ef09eb136021fc97424d448794d9bcea87346

  • SSDEEP

    196608:JNJl5iVsc5TPmW/YNEMMcHR8dpGb++75s:JNvGPzgbHR8fGbr75s

Targets

    • Target

      a94752b32fa6b91f086962cc2ef04e13_JaffaCakes118

    • Checks if the Android device is rooted.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Checks the presence of a debugger
