General

  • Target

    ac2dd9ef8b63dfebdefa41736ca58ba7_JaffaCakes118

  • Size

    11.2MB

  • Sample

    240615-ahx2basbra

  • MD5

    ac2dd9ef8b63dfebdefa41736ca58ba7

  • SHA1

    f022b64cced9c04ad81b31dc61b82148b439a08b

  • SHA256

    ea40f6a8045c093d95dc589431da03543b7a939007b48e3da5391935446f741a

  • SHA512

    93baec7e07af2871b1891c69b4c79b00d88b56ca6ced8a635e2822b37608a63db997c749af9ea77b63732af99581138122325179aa6914561c0d2c959f234203

  • SSDEEP

    196608:YJe9BtJq/HJJwczt/iwXTTRt0jZRvTCOVb5j2p:hcJwclZRtcRvTCOV16p

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Reads the contacts stored on the device.

    • Reads the content of the call log.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Reads information about phone network operator.
