General

  • Target

    a990a5ff3ddddfa549fd6ecdb100b4da_JaffaCakes118

  • Size

    8.9MB

  • Sample

    240614-n53rzazdjb

  • MD5

    a990a5ff3ddddfa549fd6ecdb100b4da

  • SHA1

    f518e412a7a4638d39e165160f9c7c1b501bde2f

  • SHA256

    7ea73b1992e2ed857fbf36b50fef1cbabd68747632c6f25b614f81f82ed93357

  • SHA512

    c77fe9591774667f0db860f0a212ef32d5918c599d2a4f762366181e9c6c52eb7fb03946164095fc9ddc3771f340a753a858d8942fbdc68fa552daf0548a30e1

  • SSDEEP

    196608:sEf+6XrKkSqjaAlYR4kThs6Ps6ap89HVr+Bla21au9+WOqTzYSUQ5NLA:s+S4rWS6k6T9U9azdRSb8

Targets

    • Target

      a990a5ff3ddddfa549fd6ecdb100b4da_JaffaCakes118

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      GameBox.jpg

    • Size

      2.9MB

    • MD5

      f56814a880accf06829ad074b9584195

    • SHA1

      b94071dcb7526e240f92d39913ea5c28977aac75

    • SHA256

      9c0424fd2e81bc8661d2ded8c15f6f346b729e0d203b9df879299704fad31e2e

    • SHA512

      51c6484fda6111306df1b73c86efd01b309a9683ac343eeaa83d7ca5d99a2441b9fcb268a14e8354f09ea773b9f929a29009145f3a9b80a475e43141554a2ff9

    • SSDEEP

      49152:PEHwm+BJCRFrKkSmB7KwG3hxmgTlAG6YiAhQKK504KFuK3DeI:PEH/+6XrKkSq7PyxmgTlAG6YVQKx4KpV

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.
