e7bb3bb359482f36700c1b69688c4481_JaffaCakes118

General

Target

e7bb3bb359482f36700c1b69688c4481_JaffaCakes118
Size

7.2MB
MD5

e7bb3bb359482f36700c1b69688c4481
SHA1

412593f60383bb19cc195e29dafaef971078f08f
SHA256

919298ffd9dc324e22cd86445fa00da1b359aba9828ea81defae195a3323adef
SHA512

d4286d241c8bd27e6b00ea1c242ffc3ef757a5499a8446c6498654f7167e9d87ab4a4b7e42c25907bda988d7cb343fa4fb6cd9501838b89b952f4ff771576eb1
SSDEEP

98304:uxfMbIqjEdDtWVotboOWCgkOO4IambQQrGxre+sRYdtA+T2J0jmxgkQxgkPbvW:uxIIU4DtWqboO3dOJ+oJT8JxdQxdPbW

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

e7bb3bb359482f36700c1b69688c4481_JaffaCakes118
.apk android

ru.aaaaaaaj.installer

ru.aaaaaaaj.installer.MainActivity

Activities

ru.aaaaaaaj.installer.MainActivity

android.intent.action.MAIN
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.lp.SetPrefs

android.intent.action.MAIN

com.google.android.finsky.billing.iab.BuyActivity

org.billinghack.BUY

com.lp.widgets.BinderWidgetConfigureActivity

android.appwidget.action.APPWIDGET_CONFIGURE

com.lp.widgets.AppDisablerWidgetConfigureActivity

android.appwidget.action.APPWIDGET_CONFIGURE

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.BLUETOOTH
com.android.vending.BILLING
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_LOGS
android.permission.ACCESS_SUPERUSER
android.permission.INTERNET
android.permission.VIBRATE
com.android.vending.CHECK_LICENSE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SETTINGS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.REORDER_TASKS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.FOREGROUND_SERVICE

Receivers

com.lp.PackageChangeReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED

com.lp.OnAlarmReceiver

com.lp.OnAlarmReceiver.ACTION_WIDGET_RECEIVER

com.lp.BinderLuckyPatcher

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_SCANNER_FINISHED
android.intent.action.MEDIA_SCANNER_STARTED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_REMOVED

com.lp.OnBootLuckyPatcher

android.intent.action.BOOT_COMPLETED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.UMS_DISCONNECTED
android.intent.action.POWER_DISCONNECTED
android.intent.action.MY_PACKAGE_REPLACED

com.lp.widgets.proxyGP_widget

android.appwidget.action.APPWIDGET_UPDATE
com.lp.widgets.proxyGP_widget.ACTION_WIDGET_RECEIVER
com.lp.widgets.proxyGP_widget.ACTION_WIDGET_RECEIVER_Updater

com.lp.widgets.lvl_widget

android.appwidget.action.APPWIDGET_UPDATE
com.lp.widgets.lvl_widget.ACTION_WIDGET_RECEIVER
com.lp.widgets.lvl_widget.ACTION_WIDGET_RECEIVER_Updater

com.lp.widgets.inapp_widget

android.appwidget.action.APPWIDGET_UPDATE
com.lp.widgets.inapp_widget.ACTION_WIDGET_RECEIVER
com.lp.widgets.inapp_widget.ACTION_WIDGET_RECEIVER_Updater

com.lp.widgets.AndroidPatchWidget

android.appwidget.action.APPWIDGET_UPDATE

com.lp.widgets.BinderWidget

android.appwidget.action.APPWIDGET_UPDATE
com.lp.widgets.BinderWidget.ACTION_WIDGET_RECEIVER
com.lp.widgets.BinderWidget.ACTION_WIDGET_RECEIVER_Updater

com.lp.widgets.AppDisablerWidget

android.appwidget.action.APPWIDGET_UPDATE
com.lp.widgets.AppDisablerWidget.ACTION_WIDGET_RECEIVER
com.lp.widgets.AppDisablerWidget.ACTION_WIDGET_RECEIVER_Updater

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.android.vending.billing.InAppBillingService.COIN
com.android.vending.billing.InAppBillingService.COIO
com.android.vending.billing.InAppBillingService.LUCM
com.android.vending.billing.InAppBillingService.PROX
ir.cafebazaar.pardakht.InAppBillingService.BIND
com.nokia.payment.iapenabler.InAppBillingService.BIND
com.android.vending.billing.InAppBillingService.INST

com.google.android.finsky.billing.iab.MarketBillingService

com.android.vending.billing.MarketBillingService.BIND

com.google.android.finsky.services.LicensingService

com.android.vending.licensing.ILicensingService

com.lp.TestService

com.lp.ITestServiceInterface.BIND

com.chelpus.TransferFilesService

com.chelpus.TransferFilesService.ITransferFilesServiceInterface.BIND

Android Permissions

e7bb3bb359482f36700c1b69688c4481_JaffaCakes118

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.BLUETOOTH

com.android.vending.BILLING

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_LOGS

android.permission.ACCESS_SUPERUSER

android.permission.INTERNET

android.permission.VIBRATE

com.android.vending.CHECK_LICENSE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.WRITE_SETTINGS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.REORDER_TASKS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.FOREGROUND_SERVICE

Sharing

General

Malware Config

Signatures

Files

ru.aaaaaaaj.installer

ru.aaaaaaaj.installer.MainActivity

Activities

ru.aaaaaaaj.installer.MainActivity

com.lp.SetPrefs

com.google.android.finsky.billing.iab.BuyActivity

com.lp.widgets.BinderWidgetConfigureActivity

com.lp.widgets.AppDisablerWidgetConfigureActivity

Permissions

Receivers

com.lp.PackageChangeReceiver

com.lp.OnAlarmReceiver

com.lp.BinderLuckyPatcher

com.lp.OnBootLuckyPatcher

com.lp.widgets.proxyGP_widget

com.lp.widgets.lvl_widget

com.lp.widgets.inapp_widget

com.lp.widgets.AndroidPatchWidget

com.lp.widgets.BinderWidget

com.lp.widgets.AppDisablerWidget

Services

com.google.android.finsky.billing.iab.InAppBillingService

com.google.android.finsky.billing.iab.MarketBillingService

com.google.android.finsky.services.LicensingService

com.lp.TestService

com.chelpus.TransferFilesService

Android Permissions

e7bb3bb359482f36700c1b69688c4481_JaffaCakes118