General

  • Target

    85ba0d20e34099f6732c82ebbbc3a201_JaffaCakes118

  • Size

    5.5MB

  • Sample

    241102-qy2mfaymam

  • MD5

    85ba0d20e34099f6732c82ebbbc3a201

  • SHA1

    91c1877925ef789da9b460c9ce726eab5b6c920b

  • SHA256

    1e62dbb36f75c82c79a7890cc63d61737aa6d9d29667d6913f9f3b7a6fc80c3e

  • SHA512

    b2b436fb5f849bf0ee68f0793b4a3b92163589ddf27a37d698774fbda3f10708352af57b729b9a696f1d3492776157c3833a5b179e3f219d0fd52c6c42bbfbed

  • SSDEEP

    98304:s5ZcZDaDCV5xvzE32s22aS6JAMleF1gBcpO1D3Nl4ImwgW1DO0XV49nyTZ49fV:snW6CTBk2U8tW1gBcpelS860gyTZid

Targets

    • Target

      85ba0d20e34099f6732c82ebbbc3a201_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of SMS inbox messages.

    • Reads the content of the SMS messages.

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
