157c40ed44b80b659b940a0a6f8721d6_JaffaCakes118

General

Target

157c40ed44b80b659b940a0a6f8721d6_JaffaCakes118
Size

12.7MB
MD5

157c40ed44b80b659b940a0a6f8721d6
SHA1

f951173b7d25ea82e40f53997ea2c060c05a1211
SHA256

c154cba78fe7162235e5a53034b691232ae38a3018e7132cd1dbda915c63a7a3
SHA512

2053369b9af3e1409825096a46a1c8b9e2ae051640a61cae45330d9dd5eaf3c76e2ef7255c803de01a49fd747fb1654429066e01b7092309ee4ea91892794d10
SSDEEP

196608:CUrlUfp/NQiSn8WnwB8wCuJPEQc8iB/VcFtBMw7sQs6ty4Vmu7EafjTpYtVnwqzK:CUrl2/N8bnw0/jGnMEymmcbTpmNwqzYj

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

157c40ed44b80b659b940a0a6f8721d6_JaffaCakes118
.apk android arch:arm

com.qianxun.kankan

com.qianxun.kankan.WelcomeActivity

Activities

com.qianxun.kankan.WelcomeActivity

android.intent.action.MAIN

com.qianxun.kankan.activity.ViewActivity

android.intent.action.VIEW

com.qianxun.kankan.activity.myqianxun.DownloadActivity

com.qianxun.kankan.intent.action.open_download

com.qianxun.game.LayaPluginActivity

com.qianxun.game.LayaPluginActivity

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.DISABLE_KEYGUARD
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.VIBRATE
android.permission.CHANGE_CONFIGURATION
android.permission.CHANGE_WIFI_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.RECORD_AUDIO

Receivers

com.qianxun.kankan.UpdateReceiver

android.net.conn.CONNECTIVITY_CHANGE
com.qianxun.kankan.intent.action.refresh_data
com.qianxun.kankan.intent.action.push_message
com.qianxun.kankan.intent.action.download
com.qianxun.kankan.intent.action.favorite

com.inmobi.commons.analytics.androidsdk.IMAdTrackerReceiver

com.android.vending.INSTALL_REFERRER

Services

com.qianxun.download.services.DownloadService

com.qianxun.kankan.download.services.IDownloadService
__pasys_remote_banner.jar
.apk android
gdtadv2.jar
.apk android

Android Permissions

157c40ed44b80b659b940a0a6f8721d6_JaffaCakes118

Permissions

android.permission.WRITE_SETTINGS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_MULTICAST_STATE

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.DISABLE_KEYGUARD

android.permission.READ_PHONE_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.VIBRATE

android.permission.CHANGE_CONFIGURATION

android.permission.CHANGE_WIFI_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.RECORD_AUDIO

Sharing

General

Malware Config

Signatures

Files

com.qianxun.kankan

com.qianxun.kankan.WelcomeActivity

Activities

com.qianxun.kankan.WelcomeActivity

com.qianxun.kankan.activity.ViewActivity

com.qianxun.kankan.activity.myqianxun.DownloadActivity

com.qianxun.game.LayaPluginActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.qianxun.kankan.UpdateReceiver

com.inmobi.commons.analytics.androidsdk.IMAdTrackerReceiver

Services

com.qianxun.download.services.DownloadService

Android Permissions

157c40ed44b80b659b940a0a6f8721d6_JaffaCakes118