General

  • Target

    aa14da220e29cf40e7abe5dedaac318b_JaffaCakes118

  • Size

    24.1MB

  • Sample

    240614-rdgl7sxdrp

  • MD5

    aa14da220e29cf40e7abe5dedaac318b

  • SHA1

    484c2eea01d42765f28a9553b713c5f9ab97d247

  • SHA256

    65f41e90ab4d55aabdb94415a69d45de5e5c7ac4e252d9dce758caa18356590a

  • SHA512

    2112e3ec3869958a989f2f7bff494beea55b9603c3eedd815a70f280163da5e31e54cbc672071926ba18d2217f908b6c3c7b770316c3fa5b6c8e393b8af34e59

  • SSDEEP

    786432:gMzfnpsIoOzigwOFKyVBWXpsxI/V+UuT5U:gMz68WgnFKyVMpPNDuTC

Malware Config

Targets

    • Target

      aa14da220e29cf40e7abe5dedaac318b_JaffaCakes118

    • Size

      24.1MB

    • MD5

      aa14da220e29cf40e7abe5dedaac318b

    • SHA1

      484c2eea01d42765f28a9553b713c5f9ab97d247

    • SHA256

      65f41e90ab4d55aabdb94415a69d45de5e5c7ac4e252d9dce758caa18356590a

    • SHA512

      2112e3ec3869958a989f2f7bff494beea55b9603c3eedd815a70f280163da5e31e54cbc672071926ba18d2217f908b6c3c7b770316c3fa5b6c8e393b8af34e59

    • SSDEEP

      786432:gMzfnpsIoOzigwOFKyVBWXpsxI/V+UuT5U:gMz68WgnFKyVMpPNDuTC

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks