16b6c9f27a7f6acc97f5902f1051ef03_JaffaCakes118

General

Target

16b6c9f27a7f6acc97f5902f1051ef03_JaffaCakes118
Size

8.4MB
MD5

16b6c9f27a7f6acc97f5902f1051ef03
SHA1

660b31a3ec1c81a3e50302e43c384ce69f9f9044
SHA256

50e9664b38a425d78df0572d1d2bbd486678a3b37a5b3f7325ece099e0e98812
SHA512

2235ea328171f1713e5ba5572af6c146b8cd4a9dd83e92d9bb76c6e040443f817c444d24f1948a84ba07bb1f3b789b296446a4a4a19942f0cdaa77b657c559df
SSDEEP

196608:gU0IATjyvq4zWbTBRvcavm2ewDVlwO3YFKIDIkYuNM5yu0A:dy+vZc3+2LymHl0A

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

16b6c9f27a7f6acc97f5902f1051ef03_JaffaCakes118
.apk android arch:arm arch:x86

com.flkeyguard.lockscreen

cn.com.nd.s.ThemeListActivity

Activities

com.flkeyguard.lockgp.activity.LockGpOneKeyClearActivity

com.flkeyguard.lockgp.activity.LockGpOneKeyClearActivity

cn.com.nd.s.ThemeListActivity

cn.com.nd.zns.action.SETTING
android.intent.action.MAIN

com.baidu.screenlock.core.common.download.activity.DownloadManagerActivity

com.baidu.screenlock.downloadmanager.SHOW

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.ACCESS_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CHANGE_NETWORK_STATE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.SET_ALARM
com.android.alarm.permission.SET_ALARM
android.permission.FLASHLIGHT
android.permission.CAMERA
android.permission.INTERNET
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.DISABLE_STATUS_BAR
android.permission.CHANGE_CONFIGURATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.CREATE_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.motorola.dlauncher.permission.READ_SETTINGS
com.motorola.dlauncher.permission.WRITE_SETTINGS
com.motorola.mmsp.motoswitch.permission.READ_SETTINGS
com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.aspire.mm.permission.READ_SETTINGS
com.aspire.mm.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.ty.launcher.permission.READ_SETTINGS
com.ty.launcher.permission.WRITE_SETTINGS
com.sonyericsson.homescreen.permission.READ_SETTINGS
com.sonyericsson.homescreen.permission.WRITE_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.mediatek.launcherplus.permission.READ_SETTINGS
com.mediatek.launcherplus.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.baiqi.weather.permission.READ_SETTINGS
com.baiqi.weather.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
mobi.SyndicateApps.ICS.launcher.permission.READ_SETTINGS
mobi.SyndicateApps.ICS.launcher.permission.WRITE_SETTINGS
com.motorola.dock.DesktopDock.permission.READ_SETTINGS
com.motorola.dock.DesktopDock.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
com.thunderst.launcher.permission.READ_SETTINGS
com.thunderst.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.permission.READ_SETTINGS
com.sec.android.app.twlauncher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.bbk.launcher2.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.WAKE_LOCK
android.permission.SET_WALLPAPER
android.permission.PACKAGE_USAGE_STATS
android.permission.USE_FINGERPRINT
android.permission.GET_ACCOUNTS
android.permission.RECORD_AUDIO
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
com.google.android.c2dm.permission.RECEIVE

Receivers

com.google.android.gms.analytics.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.felink.ad.receiver.AppReceiver

android.intent.action.PACKAGE_ADDED

com.duapps.ad.base.PackageAddReceiver

android.intent.action.PACKAGE_ADDED

com.batmobi.BatMobiBroadcastReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.felink.ad.receiver.InstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.baidu.screenlock.lockcore.receiver.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_SHUTDOWN
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.WIFI_STATE_CHANGED
action.restart.UpdateService
android.intent.action.PACKAGE_REMOVED

com.baidu.screenlock.lockcore.receiver.ZnsInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.baidu.screenlock.settings.feedback.SendChooseBroadcast

android.net.conn.CONNECTIVITY_CHANGE

com.felink.weather_lib.push.NetConnectReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.felink.weather_lib.push.AlarmDayReceiver

com.felink.alarm.clock

Services

com.baidu.screenlock.adaptation.service.NotificationService

android.service.notification.NotificationListenerService

com.baidu.screenlock.common.LockStateService

com.baidu.screenlock.common.LockStateService

com.baidu.screenlock.core.lock.service.LockStateManagerServer

cn.com.nd.s.lock.series

com.baidu.screenlock.core.lock.service.MyAccessibility

android.accessibilityservice.AccessibilityService

Android Permissions

16b6c9f27a7f6acc97f5902f1051ef03_JaffaCakes118

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_SYNC_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.ACCESS_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CHANGE_NETWORK_STATE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.SET_ALARM

com.android.alarm.permission.SET_ALARM

android.permission.FLASHLIGHT

android.permission.CAMERA

android.permission.INTERNET

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.VIBRATE

android.permission.DISABLE_STATUS_BAR

android.permission.CHANGE_CONFIGURATION

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.CREATE_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.motorola.dlauncher.permission.READ_SETTINGS

com.motorola.dlauncher.permission.WRITE_SETTINGS

com.motorola.mmsp.motoswitch.permission.READ_SETTINGS

com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.aspire.mm.permission.READ_SETTINGS

com.aspire.mm.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.ty.launcher.permission.READ_SETTINGS

com.ty.launcher.permission.WRITE_SETTINGS

com.sonyericsson.homescreen.permission.READ_SETTINGS

com.sonyericsson.homescreen.permission.WRITE_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.mediatek.launcherplus.permission.READ_SETTINGS

com.mediatek.launcherplus.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.flkeyguard.lockscreen

cn.com.nd.s.ThemeListActivity

Activities

com.flkeyguard.lockgp.activity.LockGpOneKeyClearActivity

cn.com.nd.s.ThemeListActivity

com.baidu.screenlock.core.common.download.activity.DownloadManagerActivity

Permissions

Receivers

com.google.android.gms.analytics.CampaignTrackingReceiver

com.felink.ad.receiver.AppReceiver

com.duapps.ad.base.PackageAddReceiver

com.batmobi.BatMobiBroadcastReceiver

com.felink.ad.receiver.InstallReferrerReceiver

com.baidu.screenlock.lockcore.receiver.BootReceiver

com.baidu.screenlock.lockcore.receiver.ZnsInstallReceiver

com.baidu.screenlock.settings.feedback.SendChooseBroadcast

com.felink.weather_lib.push.NetConnectReceiver

com.felink.weather_lib.push.AlarmDayReceiver

Services

com.baidu.screenlock.adaptation.service.NotificationService

com.baidu.screenlock.common.LockStateService

com.baidu.screenlock.core.lock.service.LockStateManagerServer

com.baidu.screenlock.core.lock.service.MyAccessibility

Android Permissions

16b6c9f27a7f6acc97f5902f1051ef03_JaffaCakes118