General
-
Target
86803901ad22e416cab41658acb01253_JaffaCakes118
-
Size
6.8MB
-
Sample
240810-r9z4esycje
-
MD5
86803901ad22e416cab41658acb01253
-
SHA1
4a660bd5b37125f4bd13e41d72d332bc83666b5e
-
SHA256
51d115af1fd28f6f2972168f4471050bed2c8a408c813815586882165d4e423c
-
SHA512
61061463b29db63600c57d887b9a79af0ceed4bd8c865badcb411677e5f63533639ea7d5428dc61195bc226d6465122bbf9991013bc7105c8a03e0c32dde2c48
-
SSDEEP
196608:irA8DXFP7fvyXl4NUXRiZnkQIAMW7qRqaU:MJB7+6nkNAb+RqX
Malware Config
Targets
-
-
Target
86803901ad22e416cab41658acb01253_JaffaCakes118
-
Size
6.8MB
-
MD5
86803901ad22e416cab41658acb01253
-
SHA1
4a660bd5b37125f4bd13e41d72d332bc83666b5e
-
SHA256
51d115af1fd28f6f2972168f4471050bed2c8a408c813815586882165d4e423c
-
SHA512
61061463b29db63600c57d887b9a79af0ceed4bd8c865badcb411677e5f63533639ea7d5428dc61195bc226d6465122bbf9991013bc7105c8a03e0c32dde2c48
-
SSDEEP
196608:irA8DXFP7fvyXl4NUXRiZnkQIAMW7qRqaU:MJB7+6nkNAb+RqX
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3