1487f7c3c440955b3fd3ef65bb0d8948_JaffaCakes118

General

Target

1487f7c3c440955b3fd3ef65bb0d8948_JaffaCakes118
Size

4.6MB
MD5

1487f7c3c440955b3fd3ef65bb0d8948
SHA1

b162ca3ef30bb341ef89c2afa9885d1d9ab161c2
SHA256

ebca9bfe670f48a157c4a3fef6ba3dc2baf64484f083a11ee82005f4ba91e872
SHA512

b70ac2a2a598ec2329d6899a4687d4a1044b9477d6410fa5d59f77862194f839ec3f178cf6b88b1a92bef35d4d438ef9fef8f5c02b78e358ee2329b09ce85ff0
SSDEEP

98304:aaKACTcWJgjHtwG9Rg2l9BvLkd+lFUSfLlHXKspsf71GL33Fn:Fyc4kHWGzgWLkYLlH6spS1KHd

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

1487f7c3c440955b3fd3ef65bb0d8948_JaffaCakes118
.apk android arch:arm

com.wuyueshangshui.laosiji

.SplashActivity

Activities

.SplashActivity

android.intent.action.MAIN

.DownFileActivity

android.intent.action.MAIN

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

Permissions

android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.WAKE_LOCK
com.wuyueshangshui.laosiji.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW

Receivers

cn.jpush.android.service.PushReceiver

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

.receiver.Receiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
android.intent.action.BOOT_COMPLETED

Services

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME
20121018133442msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

1487f7c3c440955b3fd3ef65bb0d8948_JaffaCakes118

Permissions

android.permission.VIBRATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.READ_LOGS

android.permission.WAKE_LOCK

com.wuyueshangshui.laosiji.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

com.wuyueshangshui.laosiji

.SplashActivity

Activities

.SplashActivity

.DownFileActivity

cn.jpush.android.ui.PushActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

.receiver.Receiver

Services

cn.jpush.android.service.PushService

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

1487f7c3c440955b3fd3ef65bb0d8948_JaffaCakes118