General
Target
8b0205a0b2fa5dd6602cc49bfb48a761_JaffaCakes118
Size
4.7MB
Sample
241103-mjf6ea1hqh
MD5
8b0205a0b2fa5dd6602cc49bfb48a761
SHA1
b9db2c31071957dbd123ed4d2926a31ce74be768
SHA256
bb7d1c09e0ebbb62f185f204b0de4c7cd0d48fb83925c7fda95b2d27ab50343c
SHA512
5d7f56d5cfc45bfba6434a2301a5e8aa9c82649fb9ff6666a11a213e2cd957840401e5a9224d88cb371981a3fc2f0d700ec9e127e630d8b4734e5528347cdfc8
SSDEEP
98304:yhAZhGOMKYo3LqMrVuqo7DAY+ST2UHTZOoPt8lmJIBvLZTVal:5Zh1MKYo3FQj7DAjUZOoPthJIBXy
Static task
static1
Behavioral task
behavioral1
Sample
8b0205a0b2fa5dd6602cc49bfb48a761_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral5
Sample
unicom_resource.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral6
Sample
unicom_resource.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral7
Sample
unicom_resource.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
Target
8b0205a0b2fa5dd6602cc49bfb48a761_JaffaCakes118
Size
4.7MB
Score 7/10
Queries the phone number (MSISDN for GSM devices)
Reads the content of SMS inbox messages.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Queries the mobile country code (MCC)
Reads information about phone network operator.
Target
lyhtgh.mn.ltplugin_v1023.pl
Size
145KB
MD5
278e8100ea1ee2c466d55451e87cef73
SHA1
8347d2b269f74841ca92cef51d450ed953d73aaa
SHA256
06d08532287fc6a934aba8d5a361eb83e4d7a1c8cde4f6663ab2746e4fc09a38
SHA512
3e7fcf245a07ce8e03a78f75835c30e0b0f270e68987f85b92aa97f7b0894d73702ebdd80372cddea310a52624db1ccf65125399b6bf218dbd717ad053dec088
SSDEEP
3072:oxUD4XoHRfdDehWRT3ZI2c9CvcLUswbaTqM2r1vjKIjCB94PXZ:h4oBda8TXc8v0UsjTQJjtCu
Score 1/10
Target
unicom_resource.dat
Size
41KB
MD5
1099cc55782e9dfbea4df0cc9c42e8af
SHA1
c398368af914bbc35187b15201ab9b10de3f0592
SHA256
7ae180774a4f784d4ebc21650295cea6269d0c4a1884a5af815930ee47553279
SHA512
e6dcdac4c51042db8a91f25cf9d1461c0b4284a5138086fb3264e7090840aa6ca144f18e7bc498d0ecd1d131804193d94bdf471e8ada15f7b30b2bb8359adef8
SSDEEP
768:R8gYCYCpONOKIfwiFWAkEsDVop56mAOvuGMC21q0dkHj:9PRpO4KsOOvuG3+dkD
Score 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2