General
-
Target
cdf0fa9baff2a53b59309e82f5585084_JaffaCakes118
-
Size
20.5MB
-
Sample
240901-bnp4bswhlc
-
MD5
cdf0fa9baff2a53b59309e82f5585084
-
SHA1
e4c617f02d80ae9ee258044365b45e83c177e185
-
SHA256
0ff8402233e0d763dac36265f5d9d0cf9658a98b7135ef4ee8a27aaa858a7e7b
-
SHA512
3de193a6f9a748aa1b63a60742b3eba2fae968fe94df661c88e32b9cf4cd6603a45cbed98935a041c6f3c99d3c928db447cfea963d5d4e688b3537765a6bf877
-
SSDEEP
393216:neMEfdEcelOQOO+BYR1+HpuL4zocIoMlRe33ekuzlx4V9Os54GKzl7hx01rRhqL:EEcelOq5R1+H04zTIoMlRezuRxCY3fhZ
Malware Config
Targets
-
-
Target
cdf0fa9baff2a53b59309e82f5585084_JaffaCakes118
-
Size
20.5MB
-
MD5
cdf0fa9baff2a53b59309e82f5585084
-
SHA1
e4c617f02d80ae9ee258044365b45e83c177e185
-
SHA256
0ff8402233e0d763dac36265f5d9d0cf9658a98b7135ef4ee8a27aaa858a7e7b
-
SHA512
3de193a6f9a748aa1b63a60742b3eba2fae968fe94df661c88e32b9cf4cd6603a45cbed98935a041c6f3c99d3c928db447cfea963d5d4e688b3537765a6bf877
-
SSDEEP
393216:neMEfdEcelOQOO+BYR1+HpuL4zocIoMlRe33ekuzlx4V9Os54GKzl7hx01rRhqL:EEcelOq5R1+H04zTIoMlRezuRxCY3fhZ
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2