0b74ac77b52973350ad920380aa9683d_JaffaCakes118

General

Target

0b74ac77b52973350ad920380aa9683d_JaffaCakes118
Size

4.2MB
MD5

0b74ac77b52973350ad920380aa9683d
SHA1

74c3eff658ed64485974a1087e22c7abe229bede
SHA256

170e3311da10c30d9b3ee94b57c14b81f11f007f83696a53deefcee899556356
SHA512

34e0192737140cd0ea004ab878a5370dd8061c2a214a38f8fcd38d7c1482ebde17ffe744ff0c533f484725221d898b10a04d1730eff0a3acc656d12c2f5ccb6b
SSDEEP

49152:3OY4jRlCTyZzH0G726OIPYHgm8c6XvCUOfWtlM6bQz2ekA8uNUSi6RlKRZ:eY4j7COzHmUSi5RZ

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

0b74ac77b52973350ad920380aa9683d_JaffaCakes118
.apk android

com.android.email

com.android.email.activity.ComposeActivityEmail

Activities

com.android.email.activity.ComposeActivityEmail

android.intent.action.VIEW
android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
com.android.email.intent.action.REPLY
android.intent.action.SEND
android.nfc.action.NDEF_DISCOVERED
com.android.mail.intent.action.LAUNCH_COMPOSE
com.android.mail.intent.action.LAUNCH_COMPOSE

.activity.EventViewer

android.intent.action.VIEW

com.android.email2.ui.MailboxSelectionActivityEmail

android.appwidget.action.APPWIDGET_CONFIGURE

com.android.mail.ui.MailboxSelectionActivity

android.appwidget.action.APPWIDGET_CONFIGURE

com.android.email2.ui.CreateShortcutActivityEmail

android.intent.action.CREATE_SHORTCUT

com.android.email2.ui.MailActivityEmail

android.intent.action.VIEW
android.intent.action.SEARCH

.activity.setup.AccountSetupFinal

com.android.email.FORCE_CREATE_ACCOUNT
com.android.email.CREATE_NEW_ACCOUNT

.activity.setup.EmailPreferenceActivity

android.intent.action.EDIT
android.intent.action.VIEW

com.android.mail.ui.settings.PublicPreferenceActivity

com.android.email.activity.setup.ACCOUNT_MANAGER_ENTRY
android.intent.action.MANAGE_NETWORK_USAGE

.activity.setup.HeadlessAccountSettingsLoader

android.intent.action.VIEW

.provider.FolderPickerActivity

android.intent.action.EDIT

com.android.mail.browse.EmlViewerActivity

android.intent.action.VIEW

Permissions

android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.WRITE_CONTACTS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_CALENDAR
android.permission.WRITE_CALENDAR
android.permission.READ_PROFILE
android.permission.NFC
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
com.android.email.permission.READ_ATTACHMENT
android.permission.USE_CREDENTIALS
com.android.email.permission.ACCESS_PROVIDER

Receivers

.provider.WidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.android.mail.ACTION_NOTIFY_DATASET_CHANGED
com.android.mail.ACTION_UPDATE_WIDGET
com.android.mail.ACTION_VALIDATE_ALL_WIDGETS

.service.EmailUpgradeBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

.service.EmailBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK
android.intent.action.LOCALE_CHANGED
android.accounts.LOGIN_ACCOUNTS_CHANGED
com.android.mail.action.update_notification
android.provider.Telephony.SECRET_CODE

.SecurityPolicy$PolicyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

Services

.service.Pop3AuthenticatorService

android.accounts.AccountAuthenticator

.service.ImapAuthenticatorService

android.accounts.AccountAuthenticator

com.android.email.service.Pop3SyncAdapterService

android.content.SyncAdapter

com.android.email.service.LegacyImapSyncAdapterService

android.content.SyncAdapter

.service.PolicyService

com.android.email.POLICY_INTENT

.service.AccountService

com.android.email.ACCOUNT_INTENT

.service.ImapService

com.android.email.IMAP_INTENT

.service.Pop3Service

com.android.email.POP3_INTENT

.service.EasAuthenticatorService

android.accounts.AccountAuthenticator

.service.EasTestAuthenticatorService

android.accounts.AccountAuthenticator

.service.EasAuthenticatorServiceAlternate

android.accounts.AccountAuthenticator

.service.LegacyImapAuthenticatorService

android.accounts.AccountAuthenticator

.service.LegacyEmailAuthenticatorService

android.accounts.AccountAuthenticator

.service.LegacyEasAuthenticatorService

android.accounts.AccountAuthenticator

com.android.email.EmailIntentService

com.android.mail.action.RESEND_NOTIFICATIONS
com.android.mail.action.RESEND_NOTIFICATIONS_WEAR
com.android.mail.action.SEND_SET_NEW_EMAIL_INDICATOR
com.android.mail.action.CLEAR_NEW_MAIL_NOTIFICATIONS
com.android.mail.action.update_notification

com.android.mail.NotificationActionIntentService

com.android.mail.action.notification.MARK_READ
com.android.mail.action.notification.ARCHIVE
com.android.mail.action.notification.DELETE
com.android.mail.action.notification.UNDO
com.android.mail.action.notification.DESTRUCT
com.android.mail.action.notification.UNDO_TIMEOUT
com.android.mail.action.notification.REPLY
com.android.mail.action.notification.REPLY_ALL
com.android.mail.action.notification.FORWARD

Android Permissions

0b74ac77b52973350ad920380aa9683d_JaffaCakes118

Permissions

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.WRITE_CONTACTS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_CALENDAR

android.permission.WRITE_CALENDAR

android.permission.READ_PROFILE

android.permission.NFC

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

com.android.email.permission.READ_ATTACHMENT

android.permission.USE_CREDENTIALS

com.android.email.permission.ACCESS_PROVIDER

Sharing

General

Malware Config

Signatures

Files

com.android.email

com.android.email.activity.ComposeActivityEmail

Activities

com.android.email.activity.ComposeActivityEmail

.activity.EventViewer

com.android.email2.ui.MailboxSelectionActivityEmail

com.android.mail.ui.MailboxSelectionActivity

com.android.email2.ui.CreateShortcutActivityEmail

com.android.email2.ui.MailActivityEmail

.activity.setup.AccountSetupFinal

.activity.setup.EmailPreferenceActivity

com.android.mail.ui.settings.PublicPreferenceActivity

.activity.setup.HeadlessAccountSettingsLoader

.provider.FolderPickerActivity

com.android.mail.browse.EmlViewerActivity

Permissions

Receivers

.provider.WidgetProvider

.service.EmailUpgradeBroadcastReceiver

.service.EmailBroadcastReceiver

.SecurityPolicy$PolicyAdmin

Services

.service.Pop3AuthenticatorService

.service.ImapAuthenticatorService

com.android.email.service.Pop3SyncAdapterService

com.android.email.service.LegacyImapSyncAdapterService

.service.PolicyService

.service.AccountService

.service.ImapService

.service.Pop3Service

.service.EasAuthenticatorService

.service.EasTestAuthenticatorService

.service.EasAuthenticatorServiceAlternate

.service.LegacyImapAuthenticatorService

.service.LegacyEmailAuthenticatorService

.service.LegacyEasAuthenticatorService

com.android.email.EmailIntentService

com.android.mail.NotificationActionIntentService

Android Permissions

0b74ac77b52973350ad920380aa9683d_JaffaCakes118