General

  • Target

    aaf691ed61f6265c9d3a0ffc794af7d4_JaffaCakes118

  • Size

    5.6MB

  • Sample

    240614-wagj9atgnr

  • MD5

    aaf691ed61f6265c9d3a0ffc794af7d4

  • SHA1

    cb5e2190c7fd02bfab4870eca84bcd037adc31a0

  • SHA256

    acd3a993fa736d9ca18f60fb8b6e190dcc1d9623c4160b773dce005852a2c043

  • SHA512

    8c3b6b9808b6b3682a999c2bfdc82ada330b075243f8ab8bfc3de8d2b38b35f9c3ccae5c69684c3c988b94eeb569c039cc358d1a452a958f4fafc22d3af7e642

  • SSDEEP

    98304:tyd2PTIucd7IuD3qWt6CnGAutOAZj49r2k3zreM1QPye1BnckUAHxLn2rmJk3WRe:UEPypIurq46y6Rj4l2k3z2PZBcYhTk33

Malware Config

Targets

    • Target

      aaf691ed61f6265c9d3a0ffc794af7d4_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org.

    • Queries information about the active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks