fdd84aea74dd303a7707b0f260866efb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fdd84aea74dd303a7707b0f260866efb_JaffaCakes118
Size

6.4MB
MD5

fdd84aea74dd303a7707b0f260866efb
SHA1

191318158917313f61fde2eaec1ff00322808460
SHA256

9daee38cb9fd6867c108eb9221e88f8dac4562fdb230a95edc7cad61d04d1ad8
SHA512

78acf9170b7f6327a886567e63d530c06dafe6d8256665ae09b6a35cf4a45d0fd735a42e76884f99b48ea81abfde1f539693f55ed572c7a3f0cb2929757fc627
SSDEEP

98304:E2fOvd/cVGZiFSv7y6gAvi78c8eBbYJMJRn7SD/w1T0r6tTlxf:8vd/cofv7CF7p8eRcauD/f6Rf

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 27 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to monitor incoming MMS messages.	android.permission.RECEIVE_MMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to receive WAP push messages.	android.permission.RECEIVE_WAP_PUSH
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to use SIP service.	android.permission.USE_SIP
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

fdd84aea74dd303a7707b0f260866efb_JaffaCakes118
.apk android arch:arm

com.xjx.cyjl

com.stardust.autojs.inrt.SplashActivity

Activities

com.stardust.autojs.inrt.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_FINE_LOCATION
android.permission.RECORD_AUDIO
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_SURFACE_FLINGER
android.permission.ACCESS_WIFI_STATE
android.permission.ACCOUNT_MANAGER
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.BATTERY_STATS
android.permission.BIND_APPWIDGET
android.permission.BIND_DEVICE_ADMIN
android.permission.BIND_INPUT_METHOD
android.permission.BIND_REMOTEVIEWS
android.permission.BIND_WALLPAPER
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BRICK
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.BROADCAST_SMS
android.permission.BROADCAST_STICKY
android.permission.BROADCAST_WAP_PUSH
android.permission.CALL_PHONE
android.permission.CALL_PRIVILEGED
android.permission.CAMERA
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CLEAR_APP_CACHE
android.permission.CLEAR_APP_USER_DATA
android.permission.CWJ_GROUP
android.permission.CELL_PHONE_MASTER_EX
android.permission.CONTROL_LOCATION_UPDATES
android.permission.DELETE_CACHE_FILES
android.permission.DELETE_PACKAGES
android.permission.DEVICE_POWER
android.permission.DIAGNOSTIC
android.permission.DISABLE_KEYGUARD
android.permission.DUMP
android.permission.EXPAND_STATUS_BAR
android.permission.FACTORY_TEST
android.permission.FLASHLIGHT
android.permission.FORCE_BACK
android.permission.GET_ACCOUNTS
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.GLOBAL_SEARCH
android.permission.HARDWARE_TEST
android.permission.INJECT_EVENTS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.INSTALL_PACKAGES
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.INTERNET
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.MANAGE_ACCOUNTS
android.permission.MANAGE_APP_TOKENS
android.permission.MTWEAK_USER
android.permission.MTWEAK_FORUM
android.permission.MASTER_CLEAR
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.MODIFY_PHONE_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.NFC
android.permission.PERSISTENT_ACTIVITY
android.permission.PROCESS_OUTGOING_CALLS
android.permission.READ_CALENDAR
android.permission.READ_CONTACTS
android.permission.READ_FRAME_BUFFER
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.READ_INPUT_STATE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.READ_SMS
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.REBOOT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_MMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_WAP_PUSH
android.permission.RECORD_AUDIO
android.permission.REORDER_TASKS
android.permission.RESTART_PACKAGES
android.permission.SEND_SMS
android.permission.SET_ACTIVITY_WATCHER
com.android.alarm.permission.SET_ALARM
android.permission.SET_ALWAYS_FINISH
android.permission.SET_ANIMATION_SCALE
android.permission.SET_DEBUG_APP
android.permission.SET_ORIENTATION
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.SET_PROCESS_LIMIT
android.permission.SET_TIME
android.permission.SET_TIME_ZONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.SIGNAL_PERSISTENT_PROCESSES
android.permission.STATUS_BAR
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.UPDATE_DEVICE_STATS
android.permission.USE_CREDENTIALS
android.permission.USE_SIP
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_APN_SETTINGS
android.permission.WRITE_CALENDAR
android.permission.WRITE_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_GSERVICES
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.WRITE_SECURE_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.WRITE_SMS
android.permission.WRITE_SYNC_SETTING
android.permission.FOREGROUND_SERVICE
android.permission.REQUEST_INSTALL_PACKAGES
moe.shizuku.manager.permission.API
android.permission.Flying

Receivers

com.stardust.autojs.inrt.launch.LaunchBroadcastReceiver

autojs.inrt.action.launch

com.stardust.autojs.core.timing.receiver.StaticBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED
android.intent.action.UID_REMOVED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.ACTION_SHUTDOWN
android.intent.action.DATE_CHANGED
android.intent.action.DREAMING_STARTED
android.intent.action.DREAMING_STOPPED
android.intent.action.HEADSET_PLUG
android.intent.action.INPUT_METHOD_CHANGED
android.intent.action.LOCALE_CHANGED
android.intent.action.MEDIA_BUTTON
android.intent.action.MEDIA_CHECKING
android.intent.action.MEDIA_MOUNTED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.PROVIDER_CHANGED
android.intent.action.WALLPAPER_CHANGED
android.intent.action.USER_UNLOCKED
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

Services

com.stardust.notification.NotificationListenerService

android.service.notification.NotificationListenerService

com.stardust.autojs.core.accessibility.AccessibilityService

android.accessibilityservice.AccessibilityService

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

Android Permissions

fdd84aea74dd303a7707b0f260866efb_JaffaCakes118

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_FINE_LOCATION

android.permission.RECORD_AUDIO

android.permission.ACCESS_CHECKIN_PROPERTIES

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_SURFACE_FLINGER

android.permission.ACCESS_WIFI_STATE

android.permission.ACCOUNT_MANAGER

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.BATTERY_STATS

android.permission.BIND_APPWIDGET

android.permission.BIND_DEVICE_ADMIN

android.permission.BIND_INPUT_METHOD

android.permission.BIND_REMOTEVIEWS

android.permission.BIND_WALLPAPER

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.BRICK

android.permission.BROADCAST_PACKAGE_REMOVED

android.permission.BROADCAST_SMS

android.permission.BROADCAST_STICKY

android.permission.BROADCAST_WAP_PUSH

android.permission.CALL_PHONE

android.permission.CALL_PRIVILEGED

android.permission.CAMERA

android.permission.CHANGE_COMPONENT_ENABLED_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_MULTICAST_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CLEAR_APP_CACHE

android.permission.CLEAR_APP_USER_DATA

android.permission.CWJ_GROUP

android.permission.CELL_PHONE_MASTER_EX

android.permission.CONTROL_LOCATION_UPDATES

android.permission.DELETE_CACHE_FILES

android.permission.DELETE_PACKAGES

android.permission.DEVICE_POWER

android.permission.DIAGNOSTIC

android.permission.DISABLE_KEYGUARD

Sharing

General

Malware Config

Signatures

Files

com.xjx.cyjl

com.stardust.autojs.inrt.SplashActivity

Activities

com.stardust.autojs.inrt.SplashActivity

Permissions

Receivers

com.stardust.autojs.inrt.launch.LaunchBroadcastReceiver

com.stardust.autojs.core.timing.receiver.StaticBroadcastReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

Services

com.stardust.notification.NotificationListenerService

com.stardust.autojs.core.accessibility.AccessibilityService

com.evernote.android.job.gcm.PlatformGcmService

Android Permissions

fdd84aea74dd303a7707b0f260866efb_JaffaCakes118