General

  • Target

    b44d1c531952914e0a10feeb5aa91568_JaffaCakes118

  • Size

    10.7MB

  • Sample

    240616-s7q86sygmf

  • MD5

    b44d1c531952914e0a10feeb5aa91568

  • SHA1

    a83e340e462f6f02bfade04847d5c1033833e8e4

  • SHA256

    60aba175713504319ba69d8bb491fe2a5f1b23529a9137e4ba7ca727891f3ad3

  • SHA512

    d1c122759fe13eb630cb8d8fbf816524101279a286d7e40f2929e72d25825f592191ea81eb508b016f4b7340cb8ce5a8172edf91b7bcf01a8002194756b9d54b

  • SSDEEP

    196608:EaaYr0EV3x7Nx3ZOLSRJDMVWzsU8+2LU3/r6CMu7S4hqQGeX:kY4sB7NpZOgIaFDobQGG

Malware Config

Targets

    • Target

      b44d1c531952914e0a10feeb5aa91568_JaffaCakes118

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software (includes indicators from echap.eu.org)

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

MITRE ATT&CK Mobile v15

Tasks