06078986015b6c1823e4af2a7d1f64a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06078986015b6c1823e4af2a7d1f64a5_JaffaCakes118
Size

14.7MB
MD5

06078986015b6c1823e4af2a7d1f64a5
SHA1

996cd8d7649d54d5534186e75ef4076680ed4e74
SHA256

95d827ecd04178c930f04df20b530e0ac0ccd6690b6a153e688345991b1abc7b
SHA512

e2accffbbb2dabf87218eb09ff6ecb26c591f384c98dd819176c2927b3c720a198ea1a42725f5185e9bea98ca8cd77160c97c25b60a4f26f09caf918528c10f5
SSDEEP

393216:6J927gvjKxmaTJN/hFz1vNg+AdA81UmjZM4h5HcuDZczjuySbz3:6SkaL5Z1vZAGRm9PkuDZczTKT

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards).	android.permission.BIND_INPUT_METHOD
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

06078986015b6c1823e4af2a7d1f64a5_JaffaCakes118
.apk android arch:arm

com.iflytek.xiri

com.iflytek.xiri.StartActivity

Activities

com.iflytek.xiri.StartActivity

android.intent.action.MAIN
android.hardware.usb.action.USB_DEVICE_ATTACHED

com.iflytek.xiri.nlp.WebsiteActivity

android.intent.action.MAIN

com.iflytek.xiri.custom.reservation.ReserveManager

android.intent.action.MAIN

com.iflytek.xiri.custom.app.memo.ListTabActivity

com.iflytek.Memo.TASK_LIST
com.iflytek.memo.widget.CLICK

com.iflytek.xiri.custom.app.memo.AddMemoActivity

com.iflytek.Memo.ADD

com.iflytek.xiri.ime.SettingsActivity

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REBOOT
android.permission.INTERNET
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INSTALL_PACKAGES
android.permission.DELETE_PACKAGES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECORD_AUDIO
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.BIND_APPWIDGET
android.permission.APPWIDGET_LIST
android.permission.INSTALL_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.hardware.usb.host

Receivers

com.iflytek.xiri.custom.InitReceiver

com.iflytek.xiri.reservation.add
com.iflytek.xiri.reservation.dismiss
com.iflytek.memo.ALARM_
com.iflytek.xiri.showqrmobile

com.iflytek.xiri.XiriBroadcastReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.BOOT_COMPLETED
android.intent.action.INPUT_METHOD_CHANGED
android.net.conn.CONNECTIVITY_CHANGE

com.iflytek.xiri.custom.app.memo.AlarmReceiver

com.iflytek.memo.ADD_MEMO
com.iflytek.vocmd.COMEBACK
com.iflytek.memo.widget.MEMOLIST
com.iflytek.memo.widget.CLICK
com.iflytek.memo.widget.NEWMEMO
com.iflytek.memo.ALARM

Services

com.iflytek.xiri.video.channel.UploadService

com.iflytek.xiri.tvchannel.UPLOAD
com.iflytek.xiri.tvchannel.UPDATE
com.iflytek.xiri.contact.UPDATE

com.iflytek.xiri.custom.InitService

com.iflytek.action.init

com.iflytek.xiri.Xiri

com.iflytek.vocmd.START
com.iflytek.xiri2.START
com.iflytek.xiri2.topActivity.COMMIT
com.iflytek.xiri2.focusActivity.COMMIT
com.iflytek.xiri.scene.COMMIT
com.iflytek.xiri.KEYUP
com.iflytek.xiri2.app.CALL

com.iflytek.xiri.custom.app.memo.MemoService

com.iflytek.memo.MemoService

com.iflytek.xiri.ime.InputMethod

android.view.InputMethod

com.iflytek.xiri.ime.IMEService

com.iflytek.xiri.ime.GET_FOCUSED_PROCESS_NAME

.XiriAccessibilityService

android.accessibilityservice.AccessibilityService
plugin_ali.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_boshilink.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_changhong.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_drpeng.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_fondcoo.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_huawei4k.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_jav.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_jimi.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_konka.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_lzcsw_media.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_lzcsw_platform.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_lzcsw_shared.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_lzcsw_testkey.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_mele.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_normal.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_panda1.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_panda2.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_panda3.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_showcome.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_skyworth.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_syjA80.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_tcl_1.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_tcl_2.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_tcl_3.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_tcl_4.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_thtf.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control
plugin_yunos.apk
.apk android

com.iflytek.xiri2.system

Permissions

android.permission.INJECT_EVENTS

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri.control

Android Permissions

06078986015b6c1823e4af2a7d1f64a5_JaffaCakes118

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.REBOOT

android.permission.INTERNET

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INSTALL_PACKAGES

android.permission.DELETE_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.ACCESS_COARSE_LOCATION

android.permission.BIND_APPWIDGET

android.permission.APPWIDGET_LIST

android.permission.INSTALL_PACKAGES

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.hardware.usb.host

Sharing

General

Malware Config

Signatures

Files

com.iflytek.xiri

com.iflytek.xiri.StartActivity

Activities

com.iflytek.xiri.StartActivity

com.iflytek.xiri.nlp.WebsiteActivity

com.iflytek.xiri.custom.reservation.ReserveManager

com.iflytek.xiri.custom.app.memo.ListTabActivity

com.iflytek.xiri.custom.app.memo.AddMemoActivity

com.iflytek.xiri.ime.SettingsActivity

Permissions

Receivers

com.iflytek.xiri.custom.InitReceiver

com.iflytek.xiri.XiriBroadcastReceiver

com.iflytek.xiri.custom.app.memo.AlarmReceiver

Services

com.iflytek.xiri.video.channel.UploadService

com.iflytek.xiri.custom.InitService

com.iflytek.xiri.Xiri

com.iflytek.xiri.custom.app.memo.MemoService

com.iflytek.xiri.ime.InputMethod

com.iflytek.xiri.ime.IMEService

.XiriAccessibilityService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system

Permissions

Services

com.iflytek.xiri.system.ControlService

com.iflytek.xiri2.system