General

  • Target

    5316564732ba8ac0b1c8e70c0a2ac29d_JaffaCakes118

  • Size

    1.8MB

  • Sample

    241017-w5wyessanp

  • MD5

    5316564732ba8ac0b1c8e70c0a2ac29d

  • SHA1

    8d687e0367fee21c829f9bb984cb54bfb8c60cd0

  • SHA256

    299a3661c1883c4d82b583850bfe4044162b3a69b146324ac959bb1b0eb5a889

  • SHA512

    7a9f68bfbd76b8bdbf62335094ca89c4ea40a24ef0f591bbb3dc8b95832954244e3b0c3bfd9aa3c515a05b5ec9da725d4200ed747455482a113c4759373c99ec

  • SSDEEP

    49152:Aa/z4rZf7T9BALFSBfynKppzZpkoTMYNwmO4QiCnI:Aab4ptBfHpz/kenNwmO4QiUI

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
