General

  • Target

    8605566a63e074e10da394bf59108fbe_JaffaCakes118

  • Size

    19.4MB

  • Sample

    241102-r9c9nawrbz

  • MD5

    8605566a63e074e10da394bf59108fbe

  • SHA1

    ee71cbf0c033947cb44a82cd9f560d477fe3399b

  • SHA256

    d1999e3281d5bf89e6194265852240303ced060756f7daca6d8ef7eed2602a6b

  • SHA512

    78ff9850e1076ac7a5a5a04014e564db495e4a7658c4f1b1b359955b67d686cfb4d31e33274126ac2246671aa211c808ad2ec4f8e23810f00e1d60412087fda7

  • SSDEEP

    393216:JBeG+5B8fd3XkQwTajV1rgh3Wbl76PwcueZujyf9Aa:LeGNfVXkrMghGbl76P7uesjyfP

Malware Config

Targets

    • Target

      8605566a63e074e10da394bf59108fbe_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Reads the content of photos stored on the user's device.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks