General

  • Target

    afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118

  • Size

    4.9MB

  • Sample

    240615-ws8fpazdqa

  • MD5

    afb98f0c27e234d4eb68355dc33099b7

  • SHA1

    2b6aca4b56e2c0f265568dfa00b630c0de180109

  • SHA256

    1bba1da3f9df37c9c47fba04ec9c63ec389c2c3984d7e300c7e535b3970a0729

  • SHA512

    664b2fdb4666c1b95e1f85930b7a07b82ef502d44af4d03c2dcbfc08b97c1917f83edb4c8f7ba490aff945f9e7c77e3595a23e34d48329a8d4c37f9e9601b31f

  • SSDEEP

    98304:pZUjAlOjAw+aBC7ZmCJ+j+79O+oH13Hmx6SvGESVuf:QsOvr0YCMOO+oHBGx6SWV6

Malware Config

Targets

    • Target

      afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118

    • Size

      4.9MB

    • MD5

      afb98f0c27e234d4eb68355dc33099b7

    • SHA1

      2b6aca4b56e2c0f265568dfa00b630c0de180109

    • SHA256

      1bba1da3f9df37c9c47fba04ec9c63ec389c2c3984d7e300c7e535b3970a0729

    • SHA512

      664b2fdb4666c1b95e1f85930b7a07b82ef502d44af4d03c2dcbfc08b97c1917f83edb4c8f7ba490aff945f9e7c77e3595a23e34d48329a8d4c37f9e9601b31f

    • SSDEEP

      98304:pZUjAlOjAw+aBC7ZmCJ+j+79O+oH13Hmx6SvGESVuf:QsOvr0YCMOO+oHBGx6SWV6

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks