General

  • Target

    ba3ec8784205b6d1327c84bdbad2f706_JaffaCakes118

  • Size

    31.9MB

  • Sample

    240618-ak4a4szdmd

  • MD5

    ba3ec8784205b6d1327c84bdbad2f706

  • SHA1

    7a11b5f7d6b8ddff2072b9e765637b4e2a74f556

  • SHA256

    e2af7cc890bc1fad1ea2ab65eb1d2039eec5f4f76d5054c5304c80bdb1c4e45b

  • SHA512

    5dc3e9828f9c9f458183e44d20d5d79900a0d35e2d11c2a056e94cb99bfb240ff8065c1a4e9a046de294210289b17c5faae2cc315367fbfd5a75d464c4680129

  • SSDEEP

    786432:9L8xiHDeQovgq4qK0TAy4NS1eJ1CimKCvgLPF8U3oVrdLNQcvHZ:9LGVklQd4NS182cLN67NQW

Malware Config

Targets

    • Target

      ba3ec8784205b6d1327c84bdbad2f706_JaffaCakes118

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks