General
-
Target
158b43f642267d04b9dc62a040ba6683_JaffaCakes118
-
Size
788KB
-
Sample
241005-a96grswcnq
-
MD5
158b43f642267d04b9dc62a040ba6683
-
SHA1
df6905b26bab47e30e960f0f91d6a1be428b37ca
-
SHA256
78284ef5c79c1024ac56944e68e830d5a90a02791bc7b27739846eef5220032f
-
SHA512
fbfa8967d4f3224109f473998df76beac4a853785911317dd244403dfdf9513290fc6ea291ae5beff07fee0d7f61b5bead68fc2f82c28716459e3372e3fc7709
-
SSDEEP
12288:LTCFcQMJaNXTgyWdj6DWMuQ678brqhbdmILQ1pC2J17PKQFb+:6FcQNjgcWMuPm2bIILQK2n7HK
Malware Config
Targets
-
-
Target
158b43f642267d04b9dc62a040ba6683_JaffaCakes118
-
Size
788KB
-
MD5
158b43f642267d04b9dc62a040ba6683
-
SHA1
df6905b26bab47e30e960f0f91d6a1be428b37ca
-
SHA256
78284ef5c79c1024ac56944e68e830d5a90a02791bc7b27739846eef5220032f
-
SHA512
fbfa8967d4f3224109f473998df76beac4a853785911317dd244403dfdf9513290fc6ea291ae5beff07fee0d7f61b5bead68fc2f82c28716459e3372e3fc7709
-
SSDEEP
12288:LTCFcQMJaNXTgyWdj6DWMuQ678brqhbdmILQ1pC2J17PKQFb+:6FcQNjgcWMuPm2bIILQK2n7HK
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-