slocker | e6dc3648f7852db0a7789493222a92a8_JaffaCakes118

General

Target

e6dc3648f7852db0a7789493222a92a8_JaffaCakes118
Size

2.7MB
MD5

e6dc3648f7852db0a7789493222a92a8
SHA1

7434a19607d29c2105885742d85568151ea53e77
SHA256

3764bff48a4d4bae8026fd97d33475c390e5f4c17bbaa82ccda602271dd55c24
SHA512

b61deab11eb918c0d36fbec6aec37311ccf827793a5d860412b7a82f18c9fa3beccb6bac97146376bb5da0962fb846fc8406bc47b867a0050a44929855d83c0d
SSDEEP

49152:7JjM2M7xZk6sPctdtUtD6FJjM2M7xZkmPctdtUtD6lJjM2M7xZkTPctdtUtD6gJc:tjkxjsP04D6Hjkx3P04D6njkxGP04D6n

Score

10^/10

slocker

SLocker payload 1 IoCs

Processes:

resource yara_rule

sample family_slocker_1
Slocker family
slocker

resource	yara_rule
sample	family_slocker_1

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SET_WALLPAPER

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.ACCESS_FINE_LOCATION

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.REQUEST_INSTALL_PACKAGE

android.permission.CAMERA