General
-
Target
fe82de1e3d236da5ebc0cdba5719b8e2_JaffaCakes118
-
Size
12.9MB
-
Sample
240929-pgz7lstgnm
-
MD5
fe82de1e3d236da5ebc0cdba5719b8e2
-
SHA1
015a4567ebd4bbf983a98559000641af219ee43e
-
SHA256
5d8844891bfc23e34b140ccf68811f4156058b00bed0d364d712284b3ee6334d
-
SHA512
055123a19c211e58c54904ffdd72840a8ad81e733c74d03b540ecb8cbbeca0f4fd4cfb949aab26f9fe5b00c162b7e272a27ef20eea1887668d3fb83d9327be53
-
SSDEEP
393216:rOTUqXy7jIAVhpJB/T2/QCbkEXpAe2W6o:C7ifIcpJxPcAxs
Malware Config
Targets
-
-
Target
fe82de1e3d236da5ebc0cdba5719b8e2_JaffaCakes118
-
Size
12.9MB
-
MD5
fe82de1e3d236da5ebc0cdba5719b8e2
-
SHA1
015a4567ebd4bbf983a98559000641af219ee43e
-
SHA256
5d8844891bfc23e34b140ccf68811f4156058b00bed0d364d712284b3ee6334d
-
SHA512
055123a19c211e58c54904ffdd72840a8ad81e733c74d03b540ecb8cbbeca0f4fd4cfb949aab26f9fe5b00c162b7e272a27ef20eea1887668d3fb83d9327be53
-
SSDEEP
393216:rOTUqXy7jIAVhpJB/T2/QCbkEXpAe2W6o:C7ifIcpJxPcAxs
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
oppo_game_service_201004.so
-
Size
2.3MB
-
MD5
3b6a661f348a9c1c166ba70ea4b8bd17
-
SHA1
9f38786fe161673ebdf248166fdbf16fbc53206f
-
SHA256
fbaf39b712004d5bc4b8ef8f6bf48d389925f4fe70d724af6991017a72ebb473
-
SHA512
7f34d8283dded8e5e390db0b791673c729dbce4926e5868b0f83a8b90627bc1377c93b966bff94fd27d64c9876bd0ee6d083da11e2f2ae2434661a375bd32913
-
SSDEEP
49152:jUXI5r2ywM9SYsGUnxptLHmOiN879lCoI4jyIuZjlON8hSIz4UQH+OSQJc:oQ4M9SYsjhHmO4Ml3I4Fu9lOoSXUQpry
Score1/10 -