Overview

overview

10

Static

static

10

07fcb3e2a9...18.apk

android-9-x86

8

BannerPlugin-3.1.apk

android-9-x86

1

BannerPlugin-3.1.apk

android-10-x64

1

BannerPlugin-3.1.apk

android-11-x64

1

CommonPlugin-4.7.apk

android-9-x86

1

CommonPlugin-4.7.apk

android-10-x64

1

CommonPlugin-4.7.apk

android-11-x64

1

FrameworkP....4.apk

android-9-x86

1

FrameworkP....4.apk

android-10-x64

1

FrameworkP....4.apk

android-11-x64

1

InsertPlugin-2.9.apk

android-9-x86

1

InsertPlugin-2.9.apk

android-10-x64

1

InsertPlugin-2.9.apk

android-11-x64

1

WelcomePlugin-3.3.apk

android-9-x86

1

WelcomePlugin-3.3.apk

android-10-x64

1

WelcomePlugin-3.3.apk

android-11-x64

1

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07fcb3e2a959b57dc43627afaf5c24ac_JaffaCakes118

  • Size

    30.4MB

  • MD5

    07fcb3e2a959b57dc43627afaf5c24ac

  • SHA1

    31e0d004b2b23ce9228de5734f3ec727fdcafbb0

  • SHA256

    144ed9088577cf27bad63078f1a3b303db97170dda2dcdfb0b5bf1f9da27871f

  • SHA512

    a5bd937e0d1255b6800d725f83bcf93e251a9deff49714f2bf3d7c92b4db350d948779f463c76b479aee42b26990f56e77a7dc5c20e9e731f43792804763e806

  • SSDEEP

    786432:V2tAGCI1gtBpEp04mAZ8Bqtgb2aziWGlYDNEAYb:MvCIqp+04mAZa9ziWGYuAw

Score
10/10
joker

Malware Config

Extracted

Family

joker

C2

http://adashx.m.taobao.com/rest/gc2

http://api.exc.mob.com:80

Signatures

  • Joker family
    joker
  • Requests dangerous framework permissions 9 IoCs

Files

  • 07fcb3e2a959b57dc43627afaf5c24ac_JaffaCakes118
    .apk android arch:arm

    com.wedobest.piano

    com.wedobest.piano.StartAct


  • BannerPlugin-3.1.apk
    .apk android

    com.alimama.mobile.sdk.banner

    com.alimama.mobile.plugin.banner.service.MainActivity


  • CommonPlugin-4.7.apk
    .apk android

    com.taobao.munion.plugin.cm

    com.taobao.test.MainActivity


  • FrameworkPlugin-3.4.apk
    .apk android

    com.taobao.munion.plugin.framework


  • InsertPlugin-2.9.apk
    .apk android

    com.alimama.mobile.sdk.insert


  • WelcomePlugin-3.3.apk
    .apk android

    com.alimama.mobile.sdk.welcome


  • gdtadv2.jar
    .apk android

Android Permissions

07fcb3e2a959b57dc43627afaf5c24ac_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.CAMERA

android.permission.CHANGE_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CHANGE_CONFIGURATION

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_LOGS

android.permission.CALL_PHONE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.BLUETOOTH

android.permission.READ_SETTINGS