13bcbd3a695aa174402075d0c4305658_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13bcbd3a695aa174402075d0c4305658_JaffaCakes118
Size

18.1MB
MD5

13bcbd3a695aa174402075d0c4305658
SHA1

7646b1513e58cb374d1f880232478433388f356e
SHA256

d1e594d804cb5ac2a2723865543fd2ddb8d229ef0cf285c73a6f74019204cc43
SHA512

df498c89f95127ee8b63c0420d6962215bea269e478e698ba9b974743f3daba3e69599d82d2ccd8fbf704fa4feeb54810b4e30c1252c6e07075c045ed748fa7b
SSDEEP

393216:wKirOKZ5TBLkwPpYLk3peFUN1q0mtk6ctaxD2wdg9IPmqfM/vykt:wKirO0PkwPuYeW/l86gywm9Wat

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

13bcbd3a695aa174402075d0c4305658_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86 arch:x64

org.xzip.android.archiver

org.openintents.filemanager.FileManagerActivity

Activities

org.openintents.filemanager.FileManagerActivity

android.intent.action.VIEW
android.intent.action.MAIN
org.openintents.action.PICK_FILE
org.openintents.action.PICK_FILE
org.openintents.action.PICK_FILE
org.openintents.action.PICK_DIRECTORY
org.openintents.action.PICK_DIRECTORY
android.intent.action.GET_CONTENT
org.openintents.action.MULTI_SELECT
android.intent.action.VIEW
android.intent.action.VIEW

io.presage.mraid.browser.ShortcutActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
com.android.vending.BILLING
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_WIFI_STATE
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_WIFI_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WAKE_LOCK
com.android.alarm.permission.SET_ALARM
android.permission.FOREGROUND_SERVICE

Receivers

com.adclient.android.sdk.install.DownloadCompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.startapp.android.publish.common.metaData.BootCompleteListener

android.intent.action.BOOT_COMPLETED

com.mintegral.msdk.click.AppReceiver

android.intent.action.PACKAGE_ADDED

com.yandex.metrica.MetricaEventHandler

com.android.vending.INSTALL_REFERRER

com.opensignal.datacollection.AppUpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.opensignal.datacollection.schedules.monitors.BootReceiver

android.intent.action.BOOT_COMPLETED
com.opensignal.IS_DATA_COLLECTOR

com.opensignal.datacollection.schedules.monitors.BatteryLowReceiver

android.intent.action.BATTERY_LOW

com.opensignal.datacollection.schedules.monitors.BatteryOkayReceiver

android.intent.action.BATTERY_OKAY

com.opensignal.datacollection.schedules.monitors.PowerConnectedReceiver

android.intent.action.ACTION_POWER_CONNECTED

com.opensignal.datacollection.schedules.monitors.PowerDisconnectedReceiver

android.intent.action.ACTION_POWER_DISCONNECTED

com.opensignal.datacollection.schedules.monitors.WifiChangeReceiver

android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE
android.net.wifi.supplicant.CONNECTION_CHANGE

com.opensignal.datacollection.schedules.monitors.PhoneStateReceiver

android.intent.action.PHONE_STATE

com.opensignal.datacollection.schedules.monitors.IntensiveDataTransferReceiver

com.opensignal.action.INTENSIVE_DATA_TRANSFER_ON
com.opensignal.action.INTENSIVE_DATA_TRANSFER_OFF

com.mobknowsdk.receivers.MInstallReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED

com.mobknowsdk.receivers.BService

android.intent.action.BOOT_COMPLETED

com.oneaudience.sdk.OneAudienceReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED
com.oneaudience.action.CONFIGURATION

com.appnext.base.receivers.AppnextBootReciever

android.intent.action.BOOT_COMPLETED

com.bidmotion.gorgon.sdk.action.ActionEventReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_DATA_CLEARED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.PACKAGE_NEEDS_VERIFICATION
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_VERIFIED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_FULLY_REMOVED

com.venpath.sdk.service.LocationLoggerServiceManager

android.intent.action.BOOT_COMPLETED

com.areametrics.areametricssdk.AMLocationUpdatesBroadcastReceiver

com.areametrics.areametricssdk.AMLocationUpdatesBroadcastReceiver.ACTION_PROCESS_UPDATES

com.vungle.warren.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE

org.altbeacon.beacon.startup.StartupBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.cuebiq.cuebiqsdk.receiver.CoverageReceiver

android.location.PROVIDERS_CHANGED
android.intent.action.BOOT_COMPLETED

com.inlocomedia.android.location.LocationReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.AIRPLANE_MODE

com.inlocomedia.android.core.schedulers.alarm.AlarmHelperReceiver

com.inlocomedia.android.core.AlarmTriggeredEvent

Services

com.mintegral.msdk.shell.MTGService

com.mintegral.msdk.download.action

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

com.yandex.metrica.ConfigurationService

com.yandex.metrica.configuration.ACTION_START

Android Permissions

13bcbd3a695aa174402075d0c4305658_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

com.android.vending.BILLING

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_WIFI_STATE

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.CHANGE_WIFI_STATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

android.permission.FOREGROUND_SERVICE

Sharing

General

Malware Config

Signatures

Files

org.xzip.android.archiver

org.openintents.filemanager.FileManagerActivity

Activities

org.openintents.filemanager.FileManagerActivity

io.presage.mraid.browser.ShortcutActivity

Permissions

Receivers

com.adclient.android.sdk.install.DownloadCompleteReceiver

com.startapp.android.publish.common.metaData.BootCompleteListener

com.mintegral.msdk.click.AppReceiver

com.yandex.metrica.MetricaEventHandler

com.opensignal.datacollection.AppUpgradeReceiver

com.opensignal.datacollection.schedules.monitors.BootReceiver

com.opensignal.datacollection.schedules.monitors.BatteryLowReceiver

com.opensignal.datacollection.schedules.monitors.BatteryOkayReceiver

com.opensignal.datacollection.schedules.monitors.PowerConnectedReceiver

com.opensignal.datacollection.schedules.monitors.PowerDisconnectedReceiver

com.opensignal.datacollection.schedules.monitors.WifiChangeReceiver

com.opensignal.datacollection.schedules.monitors.PhoneStateReceiver

com.opensignal.datacollection.schedules.monitors.IntensiveDataTransferReceiver

com.mobknowsdk.receivers.MInstallReceiver

com.mobknowsdk.receivers.BService

com.oneaudience.sdk.OneAudienceReceiver

com.appnext.base.receivers.AppnextBootReciever

com.bidmotion.gorgon.sdk.action.ActionEventReceiver

com.venpath.sdk.service.LocationLoggerServiceManager

com.areametrics.areametricssdk.AMLocationUpdatesBroadcastReceiver

com.vungle.warren.NetworkStateReceiver

org.altbeacon.beacon.startup.StartupBroadcastReceiver

com.cuebiq.cuebiqsdk.receiver.CoverageReceiver

com.inlocomedia.android.location.LocationReceiver

com.inlocomedia.android.core.schedulers.alarm.AlarmHelperReceiver

Services

com.mintegral.msdk.shell.MTGService

com.yandex.metrica.MetricaService

com.yandex.metrica.ConfigurationService

Android Permissions

13bcbd3a695aa174402075d0c4305658_JaffaCakes118