003efc6a5bf24aa78991e150ffec7911_JaffaCakes118

General

Target

003efc6a5bf24aa78991e150ffec7911_JaffaCakes118
Size

11.8MB
MD5

003efc6a5bf24aa78991e150ffec7911
SHA1

d73af4fecd793606b2e7ee5945823a8dc2a9deab
SHA256

68b5590b82a7360543d6a730b3a4358c4a749e9750204483ccd3a333a6792230
SHA512

dd60dc865f55f735daa4e549dd03f5a416797cfec0d630be160e8574dc8b6b2eb77508b8d12fba8b65c9198ad6a96008a6e3dd1f19a7884fe0aeeca75d86a65d
SSDEEP

196608:uY25g7g1ssQiX6/XNRfZlHoP551EVgsVbk8a7LM0tDkR6y4N9g3q2YCpqzUpF+:Eg4ssrX6VRfHHoP5bsK8afDkR6XN8qCg

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

003efc6a5bf24aa78991e150ffec7911_JaffaCakes118
.apk android arch:arm

com.oppo.music

.MainListActivity

Activities

.MediaPlaybackActivity

com.oppo.music.PLAYBACK_VIEWER
com.oppo.music.action_file_play

.MainListActivity

android.intent.action.MAIN
android.intent.action.MUSIC_PLAYER

.CreateClipActivity

com.oppo.music.create_clip

SetRingtoneActivity

com.oppo.music.set_ringtone

.MusicPicker

android.intent.action.PICK
android.intent.action.PICK

.AuditionActivity

com.oppo.music.SONG_AUDITION
com.oppo.music.PLAY_MEDIA_DIR
android.intent.action.VIEW

com.oppo.music.download.DataNetworkActivity

com.oppo.music.download.DataNetworkActivity

com.oppo.music.fragment.list.local.vip.VipPromptDialog

com.oppo.music.fragment.list.local.vip.VipPromptDialog

.wxapi.WXEntryActivity

com.oppo.music.wxapi.WXEntryActivity

.SettingActivity

oppo.intent.action.APP_SETTINGS

Permissions

android.permission.WRITE_SETTINGS
android.permission.WRITE_APN_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
com.android.email.permission.READ_ATTACHMENT
com.android.email.permission.ACCESS_PROVIDER
android.permission.BLUETOOTH
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE
android.permission.NFC
android.permission.GET_TASKS
android.permission.READ_PHONE_STATE
android.permission.WRITE_MEDIA_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INSTALL_PACKAGES
com.oppo.music.permission.RECIEVE_MCS_MESSAGE
com.nearme.mcs.permission.RECIEVE_MCS_MESSAGE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

com.oppo.music.service.MediaButtonIntentReceiver

android.intent.action.MEDIA_BUTTON

.providers.MusicScannerReceiver

music.intent.action.MEDIA_SCAN_ALL

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

com.oppo.usercenter.account_login
com.oppo.usercenter.account_logout
com.oppo.usercenter.modify_name

.MusicPageWidgetProvider

android.appwidget.action.OPPO_WIDGET
android.appwidget.action.PRIVATE_PAGE

com.nearme.mcs.reciever.AlarmEventReceiver

com.nearme.mcs.activationmaster.broadcast
com.nearme.mcs.process.check.action
android.net.conn.CONNECTIVITY_CHANGE

com.oppo.music.mcs.DeliveryBtMcsReceiver

android.intent.action.BOOT_COMPLETED

com.oppo.music.mcs.DeliveryOppoBtMcsReceiver

android.intent.action.OPPO_BOOT_COMPLETED

com.oppo.music.mcs.MusicMCSMessageReceiver

com.oppo.music.action.MCS_MSG_RECEIVER
com.oppo.music.mcs.action.CLICK_NOTIFICATION

Services

com.oppo.music.service.MediaPlaybackService

com.oppo.music.service.command

com.oppo.music.playerservice.MusicPlayerService

com.oppo.music.playerservice.command

com.oppo.music.playerservice.MusicPlayerSingleProcessService

com.oppo.music.playerservice.command

com.nearme.mcs.service.RemoteService

com.nearme.mcs.action.MCS_MSG_SERVICE
com.nearme.mcs.action.ACTIVATE_SERVICE
nearme.apk
.apk android arch:arm

com.nearme.atlas

.ActionActivity

Activities

.NearmeNotificationActivity

nearme.plugin.startup.failed.file.illegal

com.nearme.plugin.pay.activity.MainChargeActivity

nearme.plugin.host.startup.action.single_pay
android.intent.action.VIEW

com.nearme.plugin.pay.activity.WeChatPayActivity

android.intent.action.VIEW

com.nearme.atlas.qqwallet.MqqPayCallbackActivity

android.intent.action.VIEW

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_SETTINGS
android.permission.READ_LOGS
android.permission.GET_TASKS
android.permission.DISABLE_KEYGUARD
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RUN_INSTRUMENTATION
android.permission.WRITE_SETTINGS
com.oppo.findmyphone.permission.AUTH_TOKEN

Receivers

.declare.PayProxyBroadcastReceiver

plugin.exit
plugin_update_force_clear_data
alipay_response

.declare.ReservePayProxyBroadcastReceiver1

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver2

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver3

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver4

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver5

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver6

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver7

plugin.exit
plugin_update_force_clear_data

.NearmeActionReceiver

nearme.host.plugin.action.broadcast.background
com.android.action.send

.declare.ReservePayProxyBroadcastReceiver8

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver9

plugin.exit
plugin_update_force_clear_data

.declare.ReservePayProxyBroadcastReceiver10

plugin.exit
plugin_update_force_clear_data

.declare.AccountProxyBroadcastReceiver

plugin.exit
plugin_update_force_clear_data

.NearmeReceiver

com.nearme.plugin.call.alipay

com.nearme.plugin.framework.core.broadcast.NearmeProxyBroadcastReceiver

pre_load
plugin.exit
plugin_update_force_clear_data

com.nearme.plugin.pay.receiver.ProcessReceiver

com.nearme.plugin.pay.action.directpay

com.nearme.atlas.wxapi.AppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

com.oppo.usercenter.account_login
com.oppo.usercenter.account_logout
com.oppo.usercenter.modify_name

Services

.PayActionService

com.oppo.action.PAY_ACTION

com.nearme.plugin.framework.download.DownloadService

com.nearme.plugin.framework.downloadservice

Android Permissions

003efc6a5bf24aa78991e150ffec7911_JaffaCakes118

Permissions

android.permission.WRITE_SETTINGS

android.permission.WRITE_APN_SETTINGS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

com.android.email.permission.READ_ATTACHMENT

com.android.email.permission.ACCESS_PROVIDER

android.permission.BLUETOOTH

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.VIBRATE

android.permission.NFC

android.permission.GET_TASKS

android.permission.READ_PHONE_STATE

android.permission.WRITE_MEDIA_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INSTALL_PACKAGES

com.oppo.music.permission.RECIEVE_MCS_MESSAGE

com.nearme.mcs.permission.RECIEVE_MCS_MESSAGE

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

com.oppo.music

.MainListActivity

Activities

.MediaPlaybackActivity

.MainListActivity

.CreateClipActivity

SetRingtoneActivity

.MusicPicker

.AuditionActivity

com.oppo.music.download.DataNetworkActivity

com.oppo.music.fragment.list.local.vip.VipPromptDialog

.wxapi.WXEntryActivity

.SettingActivity

Permissions

Receivers

com.oppo.music.service.MediaButtonIntentReceiver

.providers.MusicScannerReceiver

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

.MusicPageWidgetProvider

com.nearme.mcs.reciever.AlarmEventReceiver

com.oppo.music.mcs.DeliveryBtMcsReceiver

com.oppo.music.mcs.DeliveryOppoBtMcsReceiver

com.oppo.music.mcs.MusicMCSMessageReceiver

Services

com.oppo.music.service.MediaPlaybackService

com.oppo.music.playerservice.MusicPlayerService

com.oppo.music.playerservice.MusicPlayerSingleProcessService

com.nearme.mcs.service.RemoteService

com.nearme.atlas

.ActionActivity

Activities

.NearmeNotificationActivity

com.nearme.plugin.pay.activity.MainChargeActivity

com.nearme.plugin.pay.activity.WeChatPayActivity

com.nearme.atlas.qqwallet.MqqPayCallbackActivity

Permissions

Receivers

.declare.PayProxyBroadcastReceiver

.declare.ReservePayProxyBroadcastReceiver1

.declare.ReservePayProxyBroadcastReceiver2

.declare.ReservePayProxyBroadcastReceiver3

.declare.ReservePayProxyBroadcastReceiver4

.declare.ReservePayProxyBroadcastReceiver5

.declare.ReservePayProxyBroadcastReceiver6

.declare.ReservePayProxyBroadcastReceiver7

.NearmeActionReceiver

.declare.ReservePayProxyBroadcastReceiver8

.declare.ReservePayProxyBroadcastReceiver9

.declare.ReservePayProxyBroadcastReceiver10

.declare.AccountProxyBroadcastReceiver

.NearmeReceiver

com.nearme.plugin.framework.core.broadcast.NearmeProxyBroadcastReceiver

com.nearme.plugin.pay.receiver.ProcessReceiver

com.nearme.atlas.wxapi.AppRegister

com.oppo.usercenter.sdk.helper.UserCenterOperateReceiver

Services

.PayActionService

com.nearme.plugin.framework.download.DownloadService

Android Permissions

003efc6a5bf24aa78991e150ffec7911_JaffaCakes118