General

  • Target

    583f100323ed26b0f6eaeddd1f73c41a_JaffaCakes118

  • Size

    6.8MB

  • Sample

    241018-s4wdqaxaqq

  • MD5

    583f100323ed26b0f6eaeddd1f73c41a

  • SHA1

    8a27d444227769babfd3feed229b81c22ac08dd8

  • SHA256

    1d0b79d3c3346c66e464bd08e275b7cafcf91b4cdfc133ddd1617ab40a57f0e1

  • SHA512

    feebc9d78b131a0074daa655572a2bcdedf7d568144268eadaf0e6cec29b6c5d9def9730e3f81b05e79cb40427fddcee9b175bf5a944bb88a38c1bd5e456d33a

  • SSDEEP

    196608:+DHQMqQZd7xeuVcr73aLLsqqXr3q5LzicB:+0JQ/PVcXM6XTqJziQ

Malware Config

Targets

    • Target

      583f100323ed26b0f6eaeddd1f73c41a_JaffaCakes118

    • Size

      6.8MB

    • MD5

      583f100323ed26b0f6eaeddd1f73c41a

    • SHA1

      8a27d444227769babfd3feed229b81c22ac08dd8

    • SHA256

      1d0b79d3c3346c66e464bd08e275b7cafcf91b4cdfc133ddd1617ab40a57f0e1

    • SHA512

      feebc9d78b131a0074daa655572a2bcdedf7d568144268eadaf0e6cec29b6c5d9def9730e3f81b05e79cb40427fddcee9b175bf5a944bb88a38c1bd5e456d33a

    • SSDEEP

      196608:+DHQMqQZd7xeuVcr73aLLsqqXr3q5LzicB:+0JQ/PVcXM6XTqJziQ

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks