General

  • Target

    8a23c7a76c690d1b7b0d7405473fb1be_JaffaCakes118

  • Size

    7.0MB

  • Sample

    241103-hlzy3sxmby

  • MD5

    8a23c7a76c690d1b7b0d7405473fb1be

  • SHA1

    ba06a09f29693ef6d6839520e2c829a489bd7e39

  • SHA256

    fa398c01ffd60fc8f8c8020bf4163a2fd2d5f9d531ef8298e48459ccc837d7f9

  • SHA512

    755466f4bf7c81d47bd8971f182c40c4cbb10a913f307d01452b2d6e1e79b28d5478b6f4b31ed4111fc30e0e01b6a9cd97d780a68822f65955375bf625514344

  • SSDEEP

    196608:RnZZcZeHS9DuWl2w5q+IXoym76MrPBwZZ0Oz3nyAc8nicpzRdY:heey9DNl2ebiL13nyAcmichRdY

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads the content of the SMS messages.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
