General

  • Target

    526be06edea4e2e860adfe833b09dd51_JaffaCakes118

  • Size

    1.6MB

  • Sample

    241017-r9mhbsvflq

  • MD5

    526be06edea4e2e860adfe833b09dd51

  • SHA1

    e1d1bcf52b8b2e9487afbd4663a392e27dab1071

  • SHA256

    e36b4c5aaff9be0e99fedeae418a75c0cb0fa685c83aafe0fb3a1ea545c344c9

  • SHA512

    2392e30f5d170eba33e1b9f686eadf55c90538667d802159428d5cc89cac44aba283fb8a88e7fd11b212008f5650795f84872d6bbf2640304728c56561f9afbd

  • SSDEEP

    24576:fG5v6LWhxef9XymZMj30CYdj/YdMYjgFAxLQXu6bLIQK40bf4IrPD+LYsGwkcCn1:+5v6IMXy3e1/YdMex4uMK40MIzpiCn1

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about the phone network operator
