General
-
Target
2dab73bf9a9c54a7c9387b04396a54fc_JaffaCakes118
-
Size
1.8MB
-
Sample
241009-j2hv6s1ejd
-
MD5
2dab73bf9a9c54a7c9387b04396a54fc
-
SHA1
bc192b3dbbe757b509c9c578292bb2f39f107c2b
-
SHA256
4901a28190643c783fbac88dc77099df4e57a24f1b0f8a572bad2b8943cfeeb5
-
SHA512
202c25156a069d9f862fffcf5a651dac30c0a73fc817aef8bb49fbfe50e0bd8ba3d7addbfe80256f6fa19e0d63cdfbd21bbbcd786bb7cea092d4ddd42fff486f
-
SSDEEP
49152:fkAjLF64/YRrfTCNoYAk+r8TSR4SMKZyYm6Mlxo/ppfZ:fkAPc4afcoYAhrqqMKZZmrDU
Malware Config
Targets
-
-
Target
2dab73bf9a9c54a7c9387b04396a54fc_JaffaCakes118
-
Size
1.8MB
-
MD5
2dab73bf9a9c54a7c9387b04396a54fc
-
SHA1
bc192b3dbbe757b509c9c578292bb2f39f107c2b
-
SHA256
4901a28190643c783fbac88dc77099df4e57a24f1b0f8a572bad2b8943cfeeb5
-
SHA512
202c25156a069d9f862fffcf5a651dac30c0a73fc817aef8bb49fbfe50e0bd8ba3d7addbfe80256f6fa19e0d63cdfbd21bbbcd786bb7cea092d4ddd42fff486f
-
SSDEEP
49152:fkAjLF64/YRrfTCNoYAk+r8TSR4SMKZyYm6Mlxo/ppfZ:fkAPc4afcoYAhrqqMKZZmrDU
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-