cc2da8612ec67cf94a1be44728240964dc3af5a95a7b21d17cecbb22172fbae0 | Triage

Sharing

General

Target

3a3fdde311455408b0a0adc593659a14_JaffaCakes118
Size

1.4MB
Sample

241012-qnzebssflf
MD5

3a3fdde311455408b0a0adc593659a14
SHA1

6d4f8bd05784e899172438b99165a8143be1fb46
SHA256

cc2da8612ec67cf94a1be44728240964dc3af5a95a7b21d17cecbb22172fbae0
SHA512

ecd85dda588f56bb57a85732a46c1e11b74b4cd3769d45081adc7c86696a54994d885d611808955f3b58e9c62551c0b7742e585132acdf709cfba34efbb8c973
SSDEEP

24576:yXiBwJzA8hP2wAEGBCrV3Nl+/ThCHw8a5uJl5pE3OuE8:ZwJBPfCwTlYhCHzaEl5GxE8

Score

7^/10

android discovery

Malware Config

Targets

- Target
  
  3a3fdde311455408b0a0adc593659a14_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  3a3fdde311455408b0a0adc593659a14
- SHA1
  
  6d4f8bd05784e899172438b99165a8143be1fb46
- SHA256
  
  cc2da8612ec67cf94a1be44728240964dc3af5a95a7b21d17cecbb22172fbae0
- SHA512
  
  ecd85dda588f56bb57a85732a46c1e11b74b4cd3769d45081adc7c86696a54994d885d611808955f3b58e9c62551c0b7742e585132acdf709cfba34efbb8c973
- SSDEEP
  
  24576:yXiBwJzA8hP2wAEGBCrV3Nl+/ThCHw8a5uJl5pE3OuE8:ZwJBPfCwTlYhCHzaEl5GxE8
Score

7^/10

discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1