General
-
Target
70240b62ea477e47abdafb26e924f01b_JaffaCakes118
-
Size
16.0MB
-
Sample
241023-whncrssgke
-
MD5
70240b62ea477e47abdafb26e924f01b
-
SHA1
876ecd00a5bd97e54086764039ac713fb1a1499f
-
SHA256
ec7e2338bfec3b91c03cfdc9fe33e9c36b22b19cb898aba331613de768c82a51
-
SHA512
bac9b0cd37e38c9a1ace1b79c1cb45b38fd3e3d8108afc52694a915e705ef284230a10fd5b440e35173cfa20d7428b4f0b5731c32dd5f8702b81c46a55b69fe8
-
SSDEEP
393216:WacfKqQNIxd/xMzaZLN9KT6FLWf4v0PGiQEC1wgD5sGpuC2JohR:VcSqeIDJgaZLN9y1foqQ9V24R
Malware Config
Targets
-
-
Target
70240b62ea477e47abdafb26e924f01b_JaffaCakes118
-
Size
16.0MB
-
MD5
70240b62ea477e47abdafb26e924f01b
-
SHA1
876ecd00a5bd97e54086764039ac713fb1a1499f
-
SHA256
ec7e2338bfec3b91c03cfdc9fe33e9c36b22b19cb898aba331613de768c82a51
-
SHA512
bac9b0cd37e38c9a1ace1b79c1cb45b38fd3e3d8108afc52694a915e705ef284230a10fd5b440e35173cfa20d7428b4f0b5731c32dd5f8702b81c46a55b69fe8
-
SSDEEP
393216:WacfKqQNIxd/xMzaZLN9KT6FLWf4v0PGiQEC1wgD5sGpuC2JohR:VcSqeIDJgaZLN9y1foqQ9V24R
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
3System Checks
3