962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f

General

Target

d528d5b1a22504b83d91bae233ab586a_JaffaCakes118
Size

26.7MB
Sample

240908-1wbncaxdkk
MD5

d528d5b1a22504b83d91bae233ab586a
SHA1

07433d49a2b386a9620ee8216962cac30e597fd9
SHA256

962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f
SHA512

9523619f3c118e1ce97533cf3f187f292a3462f4b2810caa9a7653dd63073ee2fe6c84f3d1f3955705a21c111b4362431c08aded6703b0b484fd8685f5cb49eb
SSDEEP

393216:kmoVFh4rF0BtHpEsOehoty2EYSuYHrRyNsnBHpDAhknwV1J77IkD0d9cVA:kXFhm0LHpwec4HyNOHpDhnwVfWd9Z

Score

7^/10

Malware Config

Targets

- Target
  
  d528d5b1a22504b83d91bae233ab586a_JaffaCakes118
- Size
  
  26.7MB
- MD5
  
  d528d5b1a22504b83d91bae233ab586a
- SHA1
  
  07433d49a2b386a9620ee8216962cac30e597fd9
- SHA256
  
  962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f
- SHA512
  
  9523619f3c118e1ce97533cf3f187f292a3462f4b2810caa9a7653dd63073ee2fe6c84f3d1f3955705a21c111b4362431c08aded6703b0b484fd8685f5cb49eb
- SSDEEP
  
  393216:kmoVFh4rF0BtHpEsOehoty2EYSuYHrRyNsnBHpDAhknwV1J77IkD0d9cVA:kXFhm0LHpwec4HyNOHpDhnwVfWd9Z
Score

7^/10

collection discovery evasion impact persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  unicom_channel_resource.dat
- Size
  
  28KB
- MD5
  
  af566108ab40330c1c97f8c54fae3c83
- SHA1
  
  6754244194eeed6aa426105563797b93852d5406
- SHA256
  
  3e1b5149777df0b31e00c53e3d0a7bc7b8041299ff44ae28e14a843e3ba24c6c
- SHA512
  
  115c32bc47c49e94bd9ce28ed579ba461dfe29aa3b6fc869d1810b61de84eff399f53570fadad08dc95316b82446e3e4b696913db71edf4c133e62e323b8c359
- SSDEEP
  
  768:vgmYNoDKahCyhzLEXiFWAkEsDVop56mTCZbOnih:vCNCKafhf8gih
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  unicom_resource.dat
- Size
  
  110KB
- MD5
  
  31fbb28feeef6aecc7fd4c74374bb71b
- SHA1
  
  c3d83ea4e6f9e490efac6ca73db3ba314da1b6c5
- SHA256
  
  5d60f1abd1dd0ee3761dffcb27c36e6a538bf7e28f5c208e8d74d2394dc42b67
- SHA512
  
  e7e9563840836973153fba6f11c7d1a5b7066680d4f23194328b8ebae64924bc510d5a604adb62584824d5b6e528bd207a785f52be75395587d6a3341329a7b3
- SSDEEP
  
  1536:7amaCvrgOZgdG2az4LnyH25aU3/k27yluevqIJwzqvl2PSZ63:7jrgGSGIjM25a2/luAIJJFk
Score

1^/10
behavioral5 behavioral6 behavioral7