3048394244077b9f48e0f3d9373e66276f3c0967069f5a0ad463f1c9f47d7a52 | Triage

Sharing

General

Target

cf9853b127733742caad09b46d2593a1_JaffaCakes118
Size

6.2MB
Sample

240906-qallbaxenq
MD5

cf9853b127733742caad09b46d2593a1
SHA1

719d29127194e753089c5dfe370bd940cf1b1224
SHA256

3048394244077b9f48e0f3d9373e66276f3c0967069f5a0ad463f1c9f47d7a52
SHA512

32db3dbe6d23f8a90cc878e332e675f8f884cfd3a3fbd1d0c8fab3a381bfb22e2413985dae5375e194194308d711d1c1bd8f1c5e272bdc94109f8e07dab7dc03
SSDEEP

98304:4ZVaW80Y/9sSjsBdqXMZi4y2P1itD2CPjaKB1gWSt18ACnJUvmrjj5v5AX4caDkL:VzWSYTqXOiJkMFx1gWMhCsWj1s4caTYH

Score

6^/10

android discovery

Malware Config

Targets

- Target
  
  cf9853b127733742caad09b46d2593a1_JaffaCakes118
- Size
  
  6.2MB
- MD5
  
  cf9853b127733742caad09b46d2593a1
- SHA1
  
  719d29127194e753089c5dfe370bd940cf1b1224
- SHA256
  
  3048394244077b9f48e0f3d9373e66276f3c0967069f5a0ad463f1c9f47d7a52
- SHA512
  
  32db3dbe6d23f8a90cc878e332e675f8f884cfd3a3fbd1d0c8fab3a381bfb22e2413985dae5375e194194308d711d1c1bd8f1c5e272bdc94109f8e07dab7dc03
- SSDEEP
  
  98304:4ZVaW80Y/9sSjsBdqXMZi4y2P1itD2CPjaKB1gWSt18ACnJUvmrjj5v5AX4caDkL:VzWSYTqXOiJkMFx1gWMhCsWj1s4caTYH
Score

6^/10

discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2