General
-
Target
01c6dc177410968e5fecafe08fa5ba83_JaffaCakes118
-
Size
1.2MB
-
Sample
240930-rm127sterc
-
MD5
01c6dc177410968e5fecafe08fa5ba83
-
SHA1
2465abd62a295f7e5a47c39748703aaa4b16c25e
-
SHA256
048938dec6a2e42afbe9f6e3a54ce9d231f9aa09ecbf7d9cbdeb976e820770e9
-
SHA512
fc2c11ec82fca19d45fc3e3c0c323fbe21538969240544f6896d24711be68fa759a3fc5eedd9935f130a33e5ab525a4886fe7072de289f1afe54b5da1981f57c
-
SSDEEP
24576:kOBQog9RS9NJhKqq9nMJU3LS1vQ02HSTTiA7WPq:k8+S9N/xq9nEI0wATt7t
Malware Config
Targets
-
-
Target
01c6dc177410968e5fecafe08fa5ba83_JaffaCakes118
-
Size
1.2MB
-
MD5
01c6dc177410968e5fecafe08fa5ba83
-
SHA1
2465abd62a295f7e5a47c39748703aaa4b16c25e
-
SHA256
048938dec6a2e42afbe9f6e3a54ce9d231f9aa09ecbf7d9cbdeb976e820770e9
-
SHA512
fc2c11ec82fca19d45fc3e3c0c323fbe21538969240544f6896d24711be68fa759a3fc5eedd9935f130a33e5ab525a4886fe7072de289f1afe54b5da1981f57c
-
SSDEEP
24576:kOBQog9RS9NJhKqq9nMJU3LS1vQ02HSTTiA7WPq:k8+S9N/xq9nEI0wATt7t
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-