General

  • Target

    4a77aff65c0f6ec4e961a1bb6285ca31_JaffaCakes118

  • Size

    9.7MB

  • Sample

    241015-3c5heswgmp

  • MD5

    4a77aff65c0f6ec4e961a1bb6285ca31

  • SHA1

    6b99bdbf40ffc332d4edd08c9efea9151f8a07a3

  • SHA256

    56892ea3d02282d0b4c7a48b19ccd5ddb2ed4165ac742f34c444e754cb7d7e34

  • SHA512

    435f936c853607110132abfc4a281290751feca4ed18f6b09cd5cf984b79927836e3ad89db106867c5050dde306370ec4de8c565faf4e311575a9372f62faf88

  • SSDEEP

    196608:ta2YZfaepMIkVHMKH5k6pl8ueAFwusQ1HR8dpGbqHR8dpGbW+PpLYth:NYZfaepR85kuFwuJHR8fGbqHR8fGbJp2

Targets

    • Target

      4a77aff65c0f6ec4e961a1bb6285ca31_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator
