0144888e87141eb3594cf4a4afcb54f6_JaffaCakes118

General

Target

0144888e87141eb3594cf4a4afcb54f6_JaffaCakes118
Size

532KB
MD5

0144888e87141eb3594cf4a4afcb54f6
SHA1

5675874b696b179c96f26924ab35ca352e49d9db
SHA256

890a73ee1dde15e6cd5332bf50b7de88e406b853b2f0646a47fc4490e28631f0
SHA512

b6e5bc0d9031f270c18d5bb0149b141c7a6bda0907bc2bf5567780362f411eef9e3ab9344f13d2889d1524c97e57d1adf8c879af7b4f0280fc622d5ee8d305f1
SSDEEP

12288:/7BhIKIB4gIgbCypdGkd6h0mUoLK1jARzvOSJtyJ:jBuKr/gbCF0mUoLKczvOq0J

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

0144888e87141eb3594cf4a4afcb54f6_JaffaCakes118
.apk android

com.cloud.android.sysinfo

.QSystemInfo

Activities

.QSystemInfo

android.intent.action.MAIN

com.dratwo.hzkj.Sora

android.intent.action.CREATE_SHORTCUT

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.VIBRATE
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES
android.permission.READ_LOGS
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.WidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

.WidgetProvider$TaskWidget

android.appwidget.action.APPWIDGET_UPDATE

.WidgetProvider$InfoWidget

android.appwidget.action.APPWIDGET_UPDATE

.QSystemInfo$BootReceiver

android.intent.action.BOOT_COMPLETED

com.dratwo.kg.DRe

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

com.dratwo.hz.Cefr

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

com.dratwo.hzkj.Sorr

android.intent.action.PACKAGE_ADDED
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE

com.dratwo.hzbl.Bonr

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

com.dratwo.qs.sa

android.intent.action.PACKAGE_ADDED
android.net.conn.CONNECTIVITY_CHANGE
com.zdt.action.ALARM_ACTION
android.intent.action.USER_PRESENT

Services
BKit_out2
.apk android

Android Permissions

0144888e87141eb3594cf4a4afcb54f6_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

android.permission.VIBRATE

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.GET_PACKAGE_SIZE

android.permission.GET_TASKS

android.permission.RESTART_PACKAGES

android.permission.READ_LOGS

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

com.cloud.android.sysinfo

.QSystemInfo

Activities

.QSystemInfo

com.dratwo.hzkj.Sora

Permissions

Receivers

.WidgetProvider

.WidgetProvider$TaskWidget

.WidgetProvider$InfoWidget

.QSystemInfo$BootReceiver

com.dratwo.kg.DRe

com.dratwo.hz.Cefr

com.dratwo.hzkj.Sorr

com.dratwo.hzbl.Bonr

com.dratwo.qs.sa

Services

Android Permissions

0144888e87141eb3594cf4a4afcb54f6_JaffaCakes118