09464f853a95554937e0fddd46d13623_JaffaCakes118

General

Target

09464f853a95554937e0fddd46d13623_JaffaCakes118
Size

30.6MB
MD5

09464f853a95554937e0fddd46d13623
SHA1

dfbf162cb309773a24aae58189031bdc7ffb22eb
SHA256

83bceef1e184f0a27e7dd5d0d31fbdb1b3102a15ac9504aa46ae85ca2c0af556
SHA512

c9e061ca7ec2ce35ed0bd0285c9306c3967ef1a9926c9b8aa09d7305d92ea9ee8908899c08cf83666cf0fda2a17a0055066dcda11711ae8736e4aa0d7be3ca14
SSDEEP

786432:APKBJ59JTEwXg+EtHY/TWxWXaVblED8s3gnsBYfo:7f59dLgY/wQaV2D8s3vKfo

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS

Files

09464f853a95554937e0fddd46d13623_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.youzan.cashierhd

com.youzan.cashier.account.common.ui.PrepareActivity

Activities

com.youzan.router.RouterActivity

android.intent.action.VIEW

com.youzan.cashierhd.wxapi.WXEntryActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.youzan.cashierhd.wxapi.WXPayEntryActivity

android.intent.action.VIEW

com.youzan.cashier.account.common.ui.PrepareActivity

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CAMERA
android.permission.VIBRATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_CONFIGURATION
android.permission.CLOUDPOS_PRINTER
android.permission.CLOUDPOS_PINPAD
android.permission.CLOUDPOS_CONTACTLESS_CARD
android.permission.CLOUDPOS_MSR
android.permission.CLOUDPOS_LED
android.permission.CLOUDPOS_SAFE_MODULE
android.permission.CLOUDPOS_SMARTCARD
android.permission.CLOUDPOS_PIN_GET_PIN_BLOCK
android.permission.CLOUDPOS_PIN_MAC
android.permission.CLOUDPOS_PIN_ENCRYPT_DATA
android.permission.CLOUDPOS_PIN_UPDATE_USER_KEY
android.permission.CLOUDPOS_PIN_UPDATE_MASTER_KEY
android.permission.CLOUDPOS_EMV
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_SETTINGS
android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.BATTERY_STATS
android.permission.ACCESS_COARSE_UPDATES
com.wangpos.cashiercoreapp.coreapi
com.youzan.cashierhd.permission.MIPUSH_RECEIVE
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
getui.permission.GetuiService.com.youzan.cashierhd
android.permission.RECORD_AUDIO
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.KIVVI_PRINTER
android.permission.KIVVI_PINPAD
android.permission.KIVVI_STORAGE
android.permission.KIVVI_SECSTORAGE
android.permission.KIVVI_CARD
android.permission.KIVVI_EXSCREEN
android.permission.KIVVI_AUTH
android.permission.ARQ_KEYREL
android.permission.ARQ_KEY
android.permission.ARQ_MAGC
android.permission.ARQ_ICC
thomas.permission.AIDL_SERVICE
android.permission.ARQ_SECURITY
android.permission.ARQ_ENCRYPTION
android.permission.ARQ_MISC
android.permission.ARQ_UPDATE
android.permission.ARQ_EMV_COMMON
android.permission.ARQ_EMV_FILE
android.permission.ARQ_FILEOPS
android.permission.ARQ_EMV_LIB
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_LOGS

Receivers

com.youzan.cashier.account.common.ModuleEventReceiver

com.youzan.cashierhd.APP_START

com.youzan.cashier.account.common.Receiver

com.youzan.cashierhd.AUTH_FAIL
com.youzan.cashierhd.MUST_UPDATE
com.youzan.mobile.zannet.AUTH_FAIL
com.youzan.mobile.zannet.MUST_UPDATE

com.youzan.cashier.push.common.ModuleEventReceiver

com.youzan.cashierhd.APP_START

com.youzan.cashier.bill.common.ModuleEventReceiver

com.youzan.cashierhd.APP_START

com.youzan.cashier.device.common.ModuleEventReceiver

com.youzan.cashierhd.APP_START

sunmi.ds.MsgReceiver

com.sunmi.hcservice
com.sunmi.hcservice.status

com.youzan.cashier.goods.common.ModuleEventReceiver

com.youzan.cashierhd.APP_START

com.youzan.zanpush.receiver.GetuiPushMessageReceiver

com.igexin.sdk.action.VoXFvFozeT7eewzdrEqEzA

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.youzan.zanpush.receiver.XiaoMiPushMessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.youzan.zanpush.receiver.HuaWeiPushMessageReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.chpartner.huiyuanbao.pay.bao5.Onecomm$TradeReciver

com.charpter.huiyuanbao.pay.trade

com.youzan.pay.channel_sdk.YouzanPOSImpl$PayRetBroadcastReciver

com.youzan.cashierhd.pay.channel_sdk.payResult

Services

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

Android Permissions

09464f853a95554937e0fddd46d13623_JaffaCakes118

Permissions

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CAMERA

android.permission.VIBRATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_CONFIGURATION

android.permission.CLOUDPOS_PRINTER

android.permission.CLOUDPOS_PINPAD

android.permission.CLOUDPOS_CONTACTLESS_CARD

android.permission.CLOUDPOS_MSR

android.permission.CLOUDPOS_LED

android.permission.CLOUDPOS_SAFE_MODULE

android.permission.CLOUDPOS_SMARTCARD

android.permission.CLOUDPOS_PIN_GET_PIN_BLOCK

android.permission.CLOUDPOS_PIN_MAC

android.permission.CLOUDPOS_PIN_ENCRYPT_DATA

android.permission.CLOUDPOS_PIN_UPDATE_USER_KEY

android.permission.CLOUDPOS_PIN_UPDATE_MASTER_KEY

android.permission.CLOUDPOS_EMV

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.WRITE_SETTINGS

android.permission.WAKE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.GET_TASKS

android.permission.BATTERY_STATS

android.permission.ACCESS_COARSE_UPDATES

com.wangpos.cashiercoreapp.coreapi

com.youzan.cashierhd.permission.MIPUSH_RECEIVE

android.permission.CHANGE_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

getui.permission.GetuiService.com.youzan.cashierhd

android.permission.RECORD_AUDIO

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_CONTACTS

android.permission.KIVVI_PRINTER

android.permission.KIVVI_PINPAD

android.permission.KIVVI_STORAGE

android.permission.KIVVI_SECSTORAGE

android.permission.KIVVI_CARD

android.permission.KIVVI_EXSCREEN

android.permission.KIVVI_AUTH

android.permission.ARQ_KEYREL

Sharing

General

Malware Config

Signatures

Files

com.youzan.cashierhd

com.youzan.cashier.account.common.ui.PrepareActivity

Activities

com.youzan.router.RouterActivity

com.youzan.cashierhd.wxapi.WXEntryActivity

com.tencent.tauth.AuthActivity

com.youzan.cashierhd.wxapi.WXPayEntryActivity

com.youzan.cashier.account.common.ui.PrepareActivity

Permissions

Receivers

com.youzan.cashier.account.common.ModuleEventReceiver

com.youzan.cashier.account.common.Receiver

com.youzan.cashier.push.common.ModuleEventReceiver

com.youzan.cashier.bill.common.ModuleEventReceiver

com.youzan.cashier.device.common.ModuleEventReceiver

sunmi.ds.MsgReceiver

com.youzan.cashier.goods.common.ModuleEventReceiver

com.youzan.zanpush.receiver.GetuiPushMessageReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.youzan.zanpush.receiver.XiaoMiPushMessageReceiver

com.youzan.zanpush.receiver.HuaWeiPushMessageReceiver

com.huawei.hms.support.api.push.PushEventReceiver

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.download.DownloadReceiver

com.chpartner.huiyuanbao.pay.bao5.Onecomm$TradeReciver

com.youzan.pay.channel_sdk.YouzanPOSImpl$PayRetBroadcastReciver

Services

com.igexin.sdk.PushService

Android Permissions

09464f853a95554937e0fddd46d13623_JaffaCakes118