General

  • Target

    ad378698236ea2818ceae5efbe43fbb1_JaffaCakes118

  • Size

    15.7MB

  • Sample

    240615-hh3wka1fla

  • MD5

    ad378698236ea2818ceae5efbe43fbb1

  • SHA1

    e64cfe8f08f6a8a901240157152d024ec27d053e

  • SHA256

    f53f73ca927fea65e5fe20a219d5969f7529b4b9d66c16418c4f10c69218a56f

  • SHA512

    106ddf38321f789abc6602805d345467dfe9f1c729e8da6a3caa698cff4b153529f9fa92c5590ef13625d88216d998d0ff9df365fdafa45d73872705673e7d1b

  • SSDEEP

    393216:hpSNjuoHJFIeD04PZYssxG3n0PZYssxG3Mo:CNjPpu9ss83Xss83Mo

Targets

    • Target

      ad378698236ea2818ceae5efbe43fbb1_JaffaCakes118

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
