General

  • Target

    aabab680f09ab629995ee9cc74ccf7e5_JaffaCakes118

  • Size

    19.3MB

  • Sample

    240614-t758rsydlc

  • MD5

    aabab680f09ab629995ee9cc74ccf7e5

  • SHA1

    f7d403e6ab687f96ce91403c30942c412a28f7b4

  • SHA256

    6b2d519bd16089da3a916253f565174d19ad9389a614a25f4c31012127849e75

  • SHA512

    173abaa1ffe657753bf52f97a5b5d6f78b769909e3a6f4d50f0fe3004a2375b9178f30b704f7b058ec9e7154d8e2f901aa4839e032426d67c51a2155e44c7241

  • SSDEEP

    393216:3Uwvb8MeBRjht7ViNqY1wKWwMUxwywMeTCJ3bC4+fzup8Djqf+32Y1Vj:3U4YFv1CNqMf3xEMemojqmj

Targets

    • Target

      aabab680f09ab629995ee9cc74ccf7e5_JaffaCakes118

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
