General

  • Target

    4437714366502f5353cc50e87001e251_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241014-z32yfawhpa

  • MD5

    4437714366502f5353cc50e87001e251

  • SHA1

    bddbb9a7c34f8f7e4c08bb5a5facca28c8b3a491

  • SHA256

    3fc1cfc45bd514cb239bf9a03c36dce5424772a06537b8d04cd8f423f02abe60

  • SHA512

    4b18f5a5025909b09e93186e9bcce52c51b209f6193bdce545552d7b1a3ab1db55007ad07aa85f84995f865034edb0e5c06e1500a32bdd115e5bf074e1af1085

  • SSDEEP

    24576:if0saQXQU+bmpWgAVosXSfwj/BC8gMmDRD:PQX1+bQU6sXSfwdFGRD

Targets

    • Removes its main activity from the application launcher

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator
