040d6af301b7587e6c364bb5130a549e_JaffaCakes118

General

Target

040d6af301b7587e6c364bb5130a549e_JaffaCakes118
Size

11.7MB
MD5

040d6af301b7587e6c364bb5130a549e
SHA1

94cef6476b8a497b5ba25f582be8e11ffc6caaa2
SHA256

a9448302b20a26e3bb05f51eeb568549b77fff3cd7ef0cae898313479f09a5c5
SHA512

6d053b029dfdda5bf64ef67c324ba87816060399d006b2b78cbaeb574ef06d9858219d2474ae027426d4a1e077dbde9914cde4cfcdb414f757ec8c0bc418b2e7
SSDEEP

196608:IIQbdh2GSxu3bkYbMwdekNyEDkiazkFLhVhmdCcHB/OsXXZ+QMUFHY5FtBfSQ0AD:fzYgYbZekNjAiYk5hVhMCA5OsntY5/BN

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

040d6af301b7587e6c364bb5130a549e_JaffaCakes118
.apk android arch:x64 arch:arm64 arch:x86 arch:mips64 arch:arm arch:mips

ir.m.y.ghza.soghary

ir.m.y.ghza.soghary.MainActivity

Activities

ir.m.y.ghza.soghary.MainActivity

android.intent.action.MAIN
android.intent.action.SEARCH
android.intent.action.VIEW

ir.m.y.ghza.soghary.RssActivity

ir.m.y.ghza.soghary.RssActivity

ir.m.y.ghza.soghary.ListActivity

ir.m.y.ghza.soghary.ListActivity

ir.m.y.ghza.soghary.SearchActivity

ir.m.y.ghza.soghary.SearchActivity

ir.m.y.ghza.soghary.PageActivity

ir.m.y.ghza.soghary.PageActivity

ir.m.y.ghza.soghary.WebActivity

ir.m.y.ghza.soghary.WebActivity

ir.m.y.ghza.soghary.HtmlActivity

ir.m.y.ghza.soghary.HtmlActivity

ir.m.y.ghza.soghary.BookmarksActivity

ir.m.y.ghza.soghary.BookmarksActivity

ir.m.y.ghza.soghary.SettingActivity

ir.m.y.ghza.soghary.SettingActivity

ir.m.y.ghza.soghary.UpdateActivity

ir.m.y.ghza.soghary.UpdateActivity

ir.m.y.ghza.soghary.AudioPlayer

ir.m.y.ghza.soghary.AudioPlayer

ir.m.y.ghza.soghary.JoAppVideoPlayer

ir.m.y.ghza.soghary.JoAppVideoPlayer

ir.m.y.ghza.soghary.ImageViewActivity

ir.m.y.ghza.soghary.ImageViewActivity

ir.m.y.ghza.soghary.GalleryActivity

ir.m.y.ghza.soghary.GalleryActivity

ir.m.y.ghza.soghary.PayActivity

ir.m.y.ghza.soghary.PayActivity

ir.m.y.ghza.soghary.PayActivityHP

ir.m.y.ghza.soghary.PayActivityHP

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
ir.m.y.ghza.soghary.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

co.ronash.pushe.receiver.UpdateReceiver

android.intent.action.PACKAGE_REPLACED

co.ronash.pushe.receiver.PusheGcmReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.google.android.gms.gcm.GcmReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

co.ronash.pushe.receiver.FallbackGcmNetworkManagerReceiver

co.ronash.pushe.CHECK_TASKS

co.ronash.pushe.receiver.BootAndScreenReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

co.ronash.pushe.receiver.ConnectivityReceiver

android.net.conn.CONNECTIVITY_CHANGE

co.ronash.pushe.receiver.AddReceiver

com.evernote.android.job.ADD_JOB_CREATOR

co.ronash.pushe.receiver.AppChangeReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_FULLY_REMOVED

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

Services

ir.m.y.ghza.soghary.MyPushListener

co.ronash.pushe.RECEIVE

co.ronash.pushe.service.GcmService

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.RECEIVE

co.ronash.pushe.service.ScreenStateService

co.ronash.pushe.service.ScreenStateService

co.ronash.pushe.service.FallbackGcmTaskRunner

co.ronash.pushe.ACTION_TASK_READY

co.ronash.pushe.task.scheduler.gcm.GcmTaskRunner

com.google.android.gms.gcm.ACTION_TASK_READY

co.ronash.pushe.service.InstanceIDService

com.google.android.gms.iid.InstanceID

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

Android Permissions

040d6af301b7587e6c364bb5130a549e_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

ir.m.y.ghza.soghary.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

Sharing

General

Malware Config

Signatures

Files

ir.m.y.ghza.soghary

ir.m.y.ghza.soghary.MainActivity

Activities

ir.m.y.ghza.soghary.MainActivity

ir.m.y.ghza.soghary.RssActivity

ir.m.y.ghza.soghary.ListActivity

ir.m.y.ghza.soghary.SearchActivity

ir.m.y.ghza.soghary.PageActivity

ir.m.y.ghza.soghary.WebActivity

ir.m.y.ghza.soghary.HtmlActivity

ir.m.y.ghza.soghary.BookmarksActivity

ir.m.y.ghza.soghary.SettingActivity

ir.m.y.ghza.soghary.UpdateActivity

ir.m.y.ghza.soghary.AudioPlayer

ir.m.y.ghza.soghary.JoAppVideoPlayer

ir.m.y.ghza.soghary.ImageViewActivity

ir.m.y.ghza.soghary.GalleryActivity

ir.m.y.ghza.soghary.PayActivity

ir.m.y.ghza.soghary.PayActivityHP

Permissions

Receivers

co.ronash.pushe.receiver.UpdateReceiver

co.ronash.pushe.receiver.PusheGcmReceiver

com.google.android.gms.gcm.GcmReceiver

co.ronash.pushe.receiver.FallbackGcmNetworkManagerReceiver

co.ronash.pushe.receiver.BootAndScreenReceiver

co.ronash.pushe.receiver.ConnectivityReceiver

co.ronash.pushe.receiver.AddReceiver

co.ronash.pushe.receiver.AppChangeReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

Services

ir.m.y.ghza.soghary.MyPushListener

co.ronash.pushe.service.GcmService

co.ronash.pushe.service.ScreenStateService

co.ronash.pushe.service.FallbackGcmTaskRunner

co.ronash.pushe.task.scheduler.gcm.GcmTaskRunner

co.ronash.pushe.service.InstanceIDService

com.evernote.android.job.gcm.PlatformGcmService

Android Permissions

040d6af301b7587e6c364bb5130a549e_JaffaCakes118