29fe9e0642afb8424d0d89befd15a1a02c89f74f435ce0afef065f6b9b8faf8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb8791ff70b2ef27d87a277b62c8cb48_JaffaCakes118
Size

23.3MB
Sample

240928-fdypyazfqb
MD5

fb8791ff70b2ef27d87a277b62c8cb48
SHA1

bde2c75a048163f18eea4cb5c3a9be9f2242c969
SHA256

29fe9e0642afb8424d0d89befd15a1a02c89f74f435ce0afef065f6b9b8faf8a
SHA512

b803b7f614a19f1da6aa6b606e7f539aff667a0c65baa9852d7fbf1b42382ff27699d0edb7ec84a9ff1c2673d8456e30d8e708a99989260e0f522cf6c454715e
SSDEEP

393216:ndz3ugOIVzCW4LRNnry2INwXSmo8J0nJ9VO1YDMZmlCnCDTV4NevnGFhXdcZho8x:dz3bOKzCW4Lfr+rmFaJ9sYDMZoDDTV4a

Score

6^/10

android discovery

Malware Config

Targets

- Target
  
  fb8791ff70b2ef27d87a277b62c8cb48_JaffaCakes118
- Size
  
  23.3MB
- MD5
  
  fb8791ff70b2ef27d87a277b62c8cb48
- SHA1
  
  bde2c75a048163f18eea4cb5c3a9be9f2242c969
- SHA256
  
  29fe9e0642afb8424d0d89befd15a1a02c89f74f435ce0afef065f6b9b8faf8a
- SHA512
  
  b803b7f614a19f1da6aa6b606e7f539aff667a0c65baa9852d7fbf1b42382ff27699d0edb7ec84a9ff1c2673d8456e30d8e708a99989260e0f522cf6c454715e
- SSDEEP
  
  393216:ndz3ugOIVzCW4LRNnry2INwXSmo8J0nJ9VO1YDMZmlCnCDTV4NevnGFhXdcZho8x:dz3bOKzCW4Lfr+rmFaJ9sYDMZoDDTV4a
Score

6^/10

discovery
- Acquires the wake lock
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1