b3837544e557b26f031e063f4fa5f54ebf4fbc807574453130afcfa96ff2a71a | Triage

Sharing

General

Target

046e38e9e19ae927ea33e8b6494e3e13_JaffaCakes118
Size

5.7MB
Sample

241001-fg9ava1fqj
MD5

046e38e9e19ae927ea33e8b6494e3e13
SHA1

a662f98c3214f329ed547cdd742be60193c7e464
SHA256

b3837544e557b26f031e063f4fa5f54ebf4fbc807574453130afcfa96ff2a71a
SHA512

a025ac8739ec89b672745945b3de745e23ba25dc2211d3d1e20015202dbfbc6869deddcf0faf3998d36d905cd1dfc0ddeb743b4faaa326aeee8565428f058459
SSDEEP

49152:qazh0eheCDUnZign0f/VlwjB4Zpq8qoniptX:PxvN1lwwpqO4

Score

6^/10

android discovery

Malware Config

Targets

- Target
  
  046e38e9e19ae927ea33e8b6494e3e13_JaffaCakes118
- Size
  
  5.7MB
- MD5
  
  046e38e9e19ae927ea33e8b6494e3e13
- SHA1
  
  a662f98c3214f329ed547cdd742be60193c7e464
- SHA256
  
  b3837544e557b26f031e063f4fa5f54ebf4fbc807574453130afcfa96ff2a71a
- SHA512
  
  a025ac8739ec89b672745945b3de745e23ba25dc2211d3d1e20015202dbfbc6869deddcf0faf3998d36d905cd1dfc0ddeb743b4faaa326aeee8565428f058459
- SSDEEP
  
  49152:qazh0eheCDUnZign0f/VlwjB4Zpq8qoniptX:PxvN1lwwpqO4
Score

6^/10

discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3