General

  • Target

    8b0205a0b2fa5dd6602cc49bfb48a761_JaffaCakes118

  • Size

    4.7MB

  • Sample

    241103-mjf6ea1hqh

  • MD5

    8b0205a0b2fa5dd6602cc49bfb48a761

  • SHA1

    b9db2c31071957dbd123ed4d2926a31ce74be768

  • SHA256

    bb7d1c09e0ebbb62f185f204b0de4c7cd0d48fb83925c7fda95b2d27ab50343c

  • SHA512

    5d7f56d5cfc45bfba6434a2301a5e8aa9c82649fb9ff6666a11a213e2cd957840401e5a9224d88cb371981a3fc2f0d700ec9e127e630d8b4734e5528347cdfc8

  • SSDEEP

    98304:yhAZhGOMKYo3LqMrVuqo7DAY+ST2UHTZOoPt8lmJIBvLZTVal:5Zh1MKYo3FQj7DAjUZOoPthJIBXy

Targets

    • Target

      8b0205a0b2fa5dd6602cc49bfb48a761_JaffaCakes118

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of SMS inbox messages.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Target

      lyhtgh.mn.ltplugin_v1023.pl

    • Size

      145KB

    • MD5

      278e8100ea1ee2c466d55451e87cef73

    • SHA1

      8347d2b269f74841ca92cef51d450ed953d73aaa

    • SHA256

      06d08532287fc6a934aba8d5a361eb83e4d7a1c8cde4f6663ab2746e4fc09a38

    • SHA512

      3e7fcf245a07ce8e03a78f75835c30e0b0f270e68987f85b92aa97f7b0894d73702ebdd80372cddea310a52624db1ccf65125399b6bf218dbd717ad053dec088

    • SSDEEP

      3072:oxUD4XoHRfdDehWRT3ZI2c9CvcLUswbaTqM2r1vjKIjCB94PXZ:h4oBda8TXc8v0UsjTQJjtCu

    Score
    1/10
    • Target

      unicom_resource.dat

    • Size

      41KB

    • MD5

      1099cc55782e9dfbea4df0cc9c42e8af

    • SHA1

      c398368af914bbc35187b15201ab9b10de3f0592

    • SHA256

      7ae180774a4f784d4ebc21650295cea6269d0c4a1884a5af815930ee47553279

    • SHA512

      e6dcdac4c51042db8a91f25cf9d1461c0b4284a5138086fb3264e7090840aa6ca144f18e7bc498d0ecd1d131804193d94bdf471e8ada15f7b30b2bb8359adef8

    • SSDEEP

      768:R8gYCYCpONOKIfwiFWAkEsDVop56mAOvuGMC21q0dkHj:9PRpO4KsOOvuG3+dkD

    Score
    1/10
