General

  • Target

    bbdb658b0c49f9903ec7c7906516f4e4_JaffaCakes118

  • Size

    12.7MB

  • Sample

    240618-pbv1pssfqh

  • MD5

    bbdb658b0c49f9903ec7c7906516f4e4

  • SHA1

    225e8246735f9ed223515d581fcff1426a1f6122

  • SHA256

    9cc56ace4676989cc3db4c6b6b99e6172da9b8e4bad51f152a34dd054a20c227

  • SHA512

    8f54582d34ab970817127932e5937d1b3dcab6d0723d2fb2ba1dacb96a0839fefc25294a7ef23bb2b93dc08a027115a64230b9b5afa75f516b2d2bfdefb3a214

  • SSDEEP

    196608:aGY1/bJBgj3Zy9l3VJ+44gCIHkYlzqmetgtahs8BFgl3MfP10fLm5sgS6SFkzv4r:A1TJ24lFJ+4og6ngIP10fKigihQwp

Malware Config

Targets

    • Target

      bbdb658b0c49f9903ec7c7906516f4e4_JaffaCakes118

    • Size

      12.7MB

    • MD5

      bbdb658b0c49f9903ec7c7906516f4e4

    • SHA1

      225e8246735f9ed223515d581fcff1426a1f6122

    • SHA256

      9cc56ace4676989cc3db4c6b6b99e6172da9b8e4bad51f152a34dd054a20c227

    • SHA512

      8f54582d34ab970817127932e5937d1b3dcab6d0723d2fb2ba1dacb96a0839fefc25294a7ef23bb2b93dc08a027115a64230b9b5afa75f516b2d2bfdefb3a214

    • SSDEEP

      196608:aGY1/bJBgj3Zy9l3VJ+44gCIHkYlzqmetgtahs8BFgl3MfP10fLm5sgS6SFkzv4r:A1TJ24lFJ+4og6ngIP10fKigihQwp

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Checks the presence of a debugger

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      1

    • Size

      70KB

    • MD5

      f9c5abc0635b6c6fcf841a06f18ec033

    • SHA1

      e3fb0e05c45c5d8aa2d6f8fbb26cdadbbd3b4999

    • SHA256

      d30beaae9bbb021429ac8e496f130a2a7ebd0f26f5956320c49081e4b162c9ec

    • SHA512

      55af060c8dba8e890354b11bfc65d578e60d40636bbeb1899733d293774a0c16c25bd5ef1e3339ed28554739c06155ed9d83d14ccfea1f224495f8e9aa15cdfb

    • SSDEEP

      1536:A4YeLHvFYLSHMU8zhSETpo8z0J8bcWtE5amVpZFF1FAgmObWb:A4YejSL0MU8V/oK0JYcpgOpHFrbWb

    Score
    1/10
    • Target

      9

    • Size

      5KB

    • MD5

      65881be88e0f72930678e6b931ab0130

    • SHA1

      a824bbe5e40010cb3b4e28c02d4885a9cfaa62a4

    • SHA256

      5ec62950e82db472f773321ae49bc2d02bf915788314ebaa898b5598017f37c1

    • SHA512

      d3ff334a50928b811dbc03533d559ad462483477359fb9141b46f2146c6b17d0fb4aef2e875a02d610a0ffd37eb51ba943b5308739a462a5f7af9dbdf1f38482

    • SSDEEP

      96:kAfr547juoLAy+ZRZtdG9vFyf0H9vfc+FtEmP8aTnn8ZtblhaHgmVllpu9:kACPuoLEZFYM0xFtEmEan8Ztb7agcQ9

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks