164d1ffdc6d282360406d65f68166cd5_JaffaCakes118

General

Target

164d1ffdc6d282360406d65f68166cd5_JaffaCakes118
Size

11.7MB
MD5

164d1ffdc6d282360406d65f68166cd5
SHA1

f52b40e4b533837f7fb63611b7f6d106a8ea6313
SHA256

292278bd17ff6a108ecf70b8cd46ad276a0499a2e2c59aaee1250dfb1ac9a711
SHA512

0079e099e517ec1e41fb68109eb688a5c04b7767916cfdfbc6c0e547bc229c443191ca0db9b8a7b7f3d8703991a6b06f41a0b897054435a55b316e0177f7c3ee
SSDEEP

196608:LBQQiLvEOh8RC9cdN8zWlqey1E3Um+JIfXNwlb10PHsBqMhLCHvlcIGiTc4RRxgO:NQQeEOh0N8zeqP1E3mmfOlb1ljhdoThZ

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA

Files

164d1ffdc6d282360406d65f68166cd5_JaffaCakes118
.apk android arch:arm

com.fengguo.xjy.dl

com.downjoy.activity.SdkLoadActivity

Activities

com.downjoy.activity.SdkLoadActivity

android.intent.action.MAIN

com.downjoy.activity.SdkActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.RECEIVE_USER_PRESENT
android.permission.CHANGE_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_INTERNAL_STORAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_SETTINGS
android.permission.READ_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.GET_TASKS
android.permission.NFC
android.webkit.permission.PLUGIN
cn.swiftpass.wxpay.permission.MMOAUTH_CALLBACK
cn.swiftpass.wxpay.permission.MM_MESSAGE
android.permission.CAMERA
android.permission.FLASHLIGHT
xvtian.gai.receiver
android.permission.SYSTEM_OVERLAY_WINDOW
org.simalliance.openmobileapi.SMARTCARD

Services
downjoy.apk
.apk android arch:arm64 arch:arm arch:x86

com.downjoyimpl

com.downjoy.activity.InnerSdkLoadActivity

Activities

com.downjoy.activity.InnerSdkLoadActivity

android.intent.action.MAIN

com.downjoy.activity.InnerSdkActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_INTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_SMS
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_SETTINGS
android.permission.READ_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.GET_TASKS
android.permission.READ_LOGS
android.permission.CALL_PHONE
android.permission.NFC
android.permission.VIBRATE
android.webkit.permission.PLUGIN
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.SYSTEM_OVERLAY_WINDOW
cn.swiftpass.wxpay.permission.MMOAUTH_CALLBACK
cn.swiftpass.wxpay.permission.MM_MESSAGE
xvtian.gai.receiver
org.simalliance.openmobileapi.SMARTCARD
android.permission.REQUEST_INSTALL_PACKAGES

Services

com.downjoy.service.PollingService

action.downjoy.polling.service

com.downjoy.service.PollingQRCodeLoginService

action.downjoy.polling.qrcode.login.service

Android Permissions

164d1ffdc6d282360406d65f68166cd5_JaffaCakes118

Permissions

android.permission.VIBRATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_LOGS

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.RECEIVE_USER_PRESENT

android.permission.CHANGE_WIFI_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_INTERNAL_STORAGE

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_SETTINGS

android.permission.READ_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.GET_TASKS

android.permission.NFC

android.webkit.permission.PLUGIN

cn.swiftpass.wxpay.permission.MMOAUTH_CALLBACK

cn.swiftpass.wxpay.permission.MM_MESSAGE

android.permission.CAMERA

android.permission.FLASHLIGHT

xvtian.gai.receiver

android.permission.SYSTEM_OVERLAY_WINDOW

org.simalliance.openmobileapi.SMARTCARD

Sharing

General

Malware Config

Signatures

Files

com.fengguo.xjy.dl

com.downjoy.activity.SdkLoadActivity

Activities

com.downjoy.activity.SdkLoadActivity

com.downjoy.activity.SdkActivity

com.tencent.tauth.AuthActivity

Permissions

Services

com.downjoyimpl

com.downjoy.activity.InnerSdkLoadActivity

Activities

com.downjoy.activity.InnerSdkLoadActivity

com.downjoy.activity.InnerSdkActivity

com.tencent.tauth.AuthActivity

Permissions

Services

com.downjoy.service.PollingService

com.downjoy.service.PollingQRCodeLoginService

Android Permissions

164d1ffdc6d282360406d65f68166cd5_JaffaCakes118