General
-
Target
de60660f479cf8a951234cb91a83097a_JaffaCakes118
-
Size
12.0MB
-
Sample
240913-rjjnratdjp
-
MD5
de60660f479cf8a951234cb91a83097a
-
SHA1
932aa644af6e94bf96c931ae1f0f87af84f12664
-
SHA256
2b122cdf2a84a2ca8b030b76bfaf4f541b82dabbd34742e39a0265bf69048b71
-
SHA512
fadd8ba9e61c08fb10f5dfd1a9d9b59813d0a5405719eadca950fcdea47ee36a8c1c37d4bf86e1220ecaef088cfe4db1743f8822e0a82f2f2df0655dd2e11b83
-
SSDEEP
393216:f9j8k68NTmPi4KQqWIQ8yMBIwRTur2ksEVJ:fB8k68NsMOwp2v3
Malware Config
Targets
-
-
Target
de60660f479cf8a951234cb91a83097a_JaffaCakes118
-
Size
12.0MB
-
MD5
de60660f479cf8a951234cb91a83097a
-
SHA1
932aa644af6e94bf96c931ae1f0f87af84f12664
-
SHA256
2b122cdf2a84a2ca8b030b76bfaf4f541b82dabbd34742e39a0265bf69048b71
-
SHA512
fadd8ba9e61c08fb10f5dfd1a9d9b59813d0a5405719eadca950fcdea47ee36a8c1c37d4bf86e1220ecaef088cfe4db1743f8822e0a82f2f2df0655dd2e11b83
-
SSDEEP
393216:f9j8k68NTmPi4KQqWIQ8yMBIwRTur2ksEVJ:fB8k68NsMOwp2v3
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Checks the presence of a debugger
-