General

  • Target: aecf513d1b5aaa4d1a234f4683892f3f_JaffaCakes118
  • Size: 19.4MB
  • Sample: 240615-rj2vbsxcpm
  • MD5: aecf513d1b5aaa4d1a234f4683892f3f
  • SHA1: e27388321b2c592538d2286a2c04e4ce9a6bb00c
  • SHA256: 0b440eff4e288251d452599c4e51e85fe4f86615761ae55d3f39b3bc240cf657
  • SHA512: fc3b90f92ca6902263de755bf4b15b05543317b0545c0d086174ba3dccec6a28534ea50cc753d59c15f760fbb84973a0ff3cd0e437c1e6120652bf7f26525576
  • SSDEEP: 393216:dfHpoycBq5ueMQZHlipi6ZLVMJOYME/D7+fut+L5gTdbCzEZpzdVO4eMcj:dfpBcHQZHl4LVMJO1meug63/dVZcj

Targets

    • Target: aecf513d1b5aaa4d1a234f4683892f3f_JaffaCakes118
    • Size: 19.4MB
    • MD5: aecf513d1b5aaa4d1a234f4683892f3f
    • SHA1: e27388321b2c592538d2286a2c04e4ce9a6bb00c
    • SHA256: 0b440eff4e288251d452599c4e51e85fe4f86615761ae55d3f39b3bc240cf657
    • SHA512: fc3b90f92ca6902263de755bf4b15b05543317b0545c0d086174ba3dccec6a28534ea50cc753d59c15f760fbb84973a0ff3cd0e437c1e6120652bf7f26525576
    • SSDEEP: 393216:dfHpoycBq5ueMQZHlipi6ZLVMJOYME/D7+fut+L5gTdbCzEZpzdVO4eMcj:dfpBcHQZHl4LVMJO1meug63/dVZcj

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Reads information about the phone network operator

    • Target: RemoteRdp.apk
    • Size: 9.8MB
    • MD5: 666b5502e7d3ec8ce2d192a003faa012
    • SHA1: 4452cb3abd2768c7c81c76acebf4e9e36ae9e300
    • SHA256: 22c93f566945e87d6f6886d349af5992c0fb0b302e3c214563881e71b85529fe
    • SHA512: 1fdef7588bba56ae5c8f9d6e185fcc5ef5c9e1422b0211a1ffa6f14dfef20387af53d2cbeb5803717e47f29bcfac5c9598ab9b59662030998d208795eea4323c
    • SSDEEP: 196608:e2S+4/cv9G1KQf5Y3N643FYKjqXzdbQgDdRToehVQ4vXefJyHkgxPEx82gbUpX:eB+8clc5AFWXxbTdhT/efJskg6xhqU5

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Target: wbeta.apk
    • Size: 4.6MB
    • MD5: 51331934dc83dc4015b7505c5a8d6d25
    • SHA1: 4eb9ca0312e41997fa5012be061d6f5af2d5c530
    • SHA256: cf1de3ea394084b8c13b7f20ca506c8bc34708dd6d4a19f0ed0444fcdaafd82c
    • SHA512: 88360aeff8a3bb121b0b5811b9cd83bbe1fa396d762d4b3d1b6132d9a2c8b0afd8f2232cd0c7d3444d07cb87efba416e443de6ff5f2ec05cf992d45135e4eefe
    • SSDEEP: 98304:L//G5gKkZMXhOnVyb9AL8dLb/Al/pIgN/qrlJOA02zDkFTyg7S:f1ZMUnVM7VAdurlJOAJzDcI

    Score: 1/10
