0c3c86279afe2d31882c18681e0f5774_JaffaCakes118

General

Target

0c3c86279afe2d31882c18681e0f5774_JaffaCakes118
Size

22.0MB
MD5

0c3c86279afe2d31882c18681e0f5774
SHA1

8b64a8232405381a387b007f51e362c24135fdc2
SHA256

54a168382f4c79d613b661ce7c13a8707b79a1409b9a9b03f1d1db7fafa3bb39
SHA512

4246582ffc5e216bd80b4e9ef7595962a3befec06c64ae03f5c1e8ad9f32312a2e936d6db5d9f1365807a70b6a5438389c6e58f18858237d352d4211ec5d3867
SSDEEP

393216:yAe1O0xVlf0BrvqDYXPK4r25bHmRojGazeRVVeT4SbfyRxebZ1zSvRk9fc:yAe1Oubfz6KEazes+M2vR8E

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards).	android.permission.BIND_INPUT_METHOD

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

0c3c86279afe2d31882c18681e0f5774_JaffaCakes118
.apk android arch:arm

com.songheng.wubiime

com.songheng.wubiime.app.gdt.SplashActivity

Activities

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

com.songheng.wubiime.app.gdt.SplashActivity

android.intent.action.MAIN

com.songheng.wubiime.app.MainActivity

android.intent.action.CREATE_SHORTCUT

com.alibaba.alibclinkpartner.ui.ALPEntranceActivity

com.alibaba.intent.action.GETWAY

com.alibaba.baichuan.android.trade.ui.AlibcWebViewActivity

COM_TAOBAO_TAE_SDK_TRADE_WEB_VIEW_ACTION

com.alibaba.baichuan.android.trade.ui.AlibcBackActivity

android.intent.action.VIEW

Permissions

android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
org.adw.launcher_donut.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.tencent.qqlauncher.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.android.mylauncher.permission.WRITE_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
telecom.mdesk.permission.READ_SETTINGS
telecom.mdesk.permission.WRITE_SETTINGS
dianxin.permission.ACCESS_LAUNCHER_DATA
com.songheng.wubiime.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_USER_DICTIONARY
android.permission.READ_CONTACTS
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.BROADCAST_STICKY
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
android.permission.READ_SETTINGS
android.permission.CHANGE_CONFIGURATION
android.permission.RUN_INSTRUMENTATION
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BLUETOOTH_ADMIN
getui.permission.GetuiService.com.songheng.wubiime

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.songheng.wubiime.app.BroadcastReceiver.JPushReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.CONNECTION

com.songheng.framework.StaticRegisterReceiver

android.intent.action.BOOT_COMPLETED

com.gx.dfttsdk.sdk.news.business.broadcast.DownLoadCompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE

Services

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

com.songheng.wubiime.ime.GuangSuImeService

android.view.InputMethod

Android Permissions

0c3c86279afe2d31882c18681e0f5774_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

org.adw.launcher_donut.permission.READ_SETTINGS

org.adw.launcher_donut.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.WRITE_SETTINGS

com.sec.android.app.twlauncher.settings.READ_SETTINGS

com.sec.android.app.twlauncher.settings.WRITE_SETTINGS

com.anddoes.launcher.permission.READ_SETTINGS

com.anddoes.launcher.permission.WRITE_SETTINGS

com.tencent.qqlauncher.permission.READ_SETTINGS

com.tencent.qqlauncher.permission.WRITE_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.huawei.launcher2.permission.WRITE_SETTINGS

com.android.mylauncher.permission.READ_SETTINGS

com.android.mylauncher.permission.WRITE_SETTINGS

com.ebproductions.android.launcher.permission.READ_SETTINGS

com.ebproductions.android.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

telecom.mdesk.permission.READ_SETTINGS

telecom.mdesk.permission.WRITE_SETTINGS

dianxin.permission.ACCESS_LAUNCHER_DATA

com.songheng.wubiime.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

com.songheng.wubiime

com.songheng.wubiime.app.gdt.SplashActivity

Activities

cn.jpush.android.ui.PushActivity

com.songheng.wubiime.app.gdt.SplashActivity

com.songheng.wubiime.app.MainActivity

com.alibaba.alibclinkpartner.ui.ALPEntranceActivity

com.alibaba.baichuan.android.trade.ui.AlibcWebViewActivity

com.alibaba.baichuan.android.trade.ui.AlibcBackActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

com.songheng.wubiime.app.BroadcastReceiver.JPushReceiver

com.songheng.framework.StaticRegisterReceiver

com.gx.dfttsdk.sdk.news.business.broadcast.DownLoadCompleteReceiver

Services

cn.jpush.android.service.PushService

cn.jpush.android.service.DaemonService

com.songheng.wubiime.ime.GuangSuImeService

Android Permissions

0c3c86279afe2d31882c18681e0f5774_JaffaCakes118