General
-
Target
fcc0b7e7bfedb49f4786cb2c391dcd8a_JaffaCakes118
-
Size
4.7MB
-
Sample
240928-vj6easwgjj
-
MD5
fcc0b7e7bfedb49f4786cb2c391dcd8a
-
SHA1
1c9b8b0ea9ada6adb70288a8e88d991e63a47558
-
SHA256
b31705f05cb2b0687aabc3f6f989ab02ae04756eaa0204559b5f8333a70883de
-
SHA512
a49fd5a97661b753b7ab34e66b065a113f8b272f999110cfe955dbd2f00741c67707a754d6b91d91074077a3216812ea88a58ff57a0105b67915e3302f7074fa
-
SSDEEP
98304:Z6faoaWfTBiSRCA/S3MuxN1cLYjS+EdgkIZMVEHoHEfOySK:ZOaEgSRb/SHxD9EdgJiWokfOu
Malware Config
Targets
-
-
Target
fcc0b7e7bfedb49f4786cb2c391dcd8a_JaffaCakes118
-
Size
4.7MB
-
MD5
fcc0b7e7bfedb49f4786cb2c391dcd8a
-
SHA1
1c9b8b0ea9ada6adb70288a8e88d991e63a47558
-
SHA256
b31705f05cb2b0687aabc3f6f989ab02ae04756eaa0204559b5f8333a70883de
-
SHA512
a49fd5a97661b753b7ab34e66b065a113f8b272f999110cfe955dbd2f00741c67707a754d6b91d91074077a3216812ea88a58ff57a0105b67915e3302f7074fa
-
SSDEEP
98304:Z6faoaWfTBiSRCA/S3MuxN1cLYjS+EdgkIZMVEHoHEfOySK:ZOaEgSRb/SHxD9EdgJiWokfOu
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1