16daaf361325b1ae6f3a8c39285de179_JaffaCakes118

General

Target

16daaf361325b1ae6f3a8c39285de179_JaffaCakes118
Size

5.2MB
MD5

16daaf361325b1ae6f3a8c39285de179
SHA1

26a9ff9a4f243e761dba687f3adb42c02272012a
SHA256

bccd3b3701cb4163ca3f5d951030d252ccddc4dd270c01aee5450b4f419029bb
SHA512

a1c506487d8d9a83b020fa591ccce168b196c1b944adce3c901446a4a6e1e30425b03f394e0cd0e6c131a2c920e9628e063337f93481ec537d6afd8e6d93e03a
SSDEEP

98304:bN9Jtd72acBlGgda5AX7OwsyRd8WlE5IJXbLqo5Q/X5Zha59q:bHp2DrIZkROWCypLlcX5um

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

16daaf361325b1ae6f3a8c39285de179_JaffaCakes118
.apk android arch:arm arch:x86 arch:mips

com.sangame.jjhcps.android

.act.InitActivity

Activities

.act.InitActivity

android.intent.action.MAIN

com.baidu.frontia.activity.share.FrontiaQQFriendShareReceiverActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.VIBRATE
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK

Receivers

com.sangame.jjhcps.android.broadcast.receiver.BaiduPushMessageReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

com.sangame.jjhcps.android.broadcast.receiver.BindBaiduReceiver

com.sangame.jjh.bind.baidu.service

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK
com.baidu.android.pushservice.action.frontia.user

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

.appwidget.QuotaProvider2

android.appwidget.action.APPWIDGET_UPDATE

.appwidget.receiver.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

Services
plugin-deploy.jar
.apk android

Android Permissions

16daaf361325b1ae6f3a8c39285de179_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.WRITE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.VIBRATE

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_COARSE_LOCATION

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.sangame.jjhcps.android

.act.InitActivity

Activities

.act.InitActivity

com.baidu.frontia.activity.share.FrontiaQQFriendShareReceiverActivity

Permissions

Receivers

com.sangame.jjhcps.android.broadcast.receiver.BaiduPushMessageReceiver

com.sangame.jjhcps.android.broadcast.receiver.BindBaiduReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

.appwidget.QuotaProvider2

.appwidget.receiver.BootCompletedReceiver

Services

Android Permissions

16daaf361325b1ae6f3a8c39285de179_JaffaCakes118