17f9bf723758b056b369a68d9f215224_JaffaCakes118

General

Target

17f9bf723758b056b369a68d9f215224_JaffaCakes118
Size

14.2MB
MD5

17f9bf723758b056b369a68d9f215224
SHA1

b357db7d84a72501c50a502dd099fb1974555ded
SHA256

0ad5934914bd90030715040d62e2175dc7f6f94637b9cb10fd418f1b4bf4fbca
SHA512

81ddd648ad581043f54ffbc0713773d20a00dca22cdde07230a54c3e706cb5e32fc1de76be3bfaa96505e894464399beafb5748522c7e8dfe30a93bc919ce0d8
SSDEEP

393216:21aixO5qf0rL+62OlVHXVdBN9jPhwThYmJ2Su7PiHvMozgguNIDZz:YxO5qf053zBN9JGZ2o0mVuNIDZz

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

17f9bf723758b056b369a68d9f215224_JaffaCakes118
.apk android arch:arm

zjdgame.ftyx.sky.mm

zjdgame.ftyx.sky.mm.Sky

Activities

zjdgame.ftyx.sky.mm.Sky

android.intent.action.MAIN

mm.purchasesdk.iapservice.BillingLayoutActivity

zjdgame.ftyx.sky.mm.com.mmiap.activity

safiap.framework.ui.UpdateHintActivity

safiap.framework.ACTION_TO_INSTALL
safiap.framework.ACTION_TO_INSTALL_IAP
safiap.framework.ACTION_NETWORK_ERROR_IAP
safiap.framework.ACTION_NETWORK_ERROR_FRAMEWORK

Permissions

com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

safiap.framework.CheckUpdateReceiver

safiap.framework.ACTION_CANCEL_NOTIFICATION
safiap.GET_SHARED_DATA
safiap.framework.ACTION_SET_TIMER

Services

mm.purchasesdk.iapservice.PurchaseService

com.aspire.purchaseservice.BIND
com.aspire.demo.purchaseservice.BIND
android.intent.action.MAIN

safiap.framework.SafFrameworkManager

safiap.framework.sdk.ISAFFramework
safiap.framework.ACTION_START_DOWNLOAD
safiap.framework.ACTION_CHECK_UPDATE
alipay_plugin_20120428msp.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay
com.skymobi.pay.opplugin_V2009.apk
.apk android

com.skymobi.pay.opplugin

com.skymobi.pay.third.activity.impl.EnterChargeCenter

Activities

com.skymobi.pay.third.activity.impl.EnterChargeCenter

android.intent.action.MAIN

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.SEND_SMS
android.permission.READ_PHONE_STATE

Receivers

com.skymobi.pay.sms.receiver.BootReceiver

android.intent.action.BATTERY_CHANGED
android.intent.action.SIM_STATE_CHANGED
android.intent.action.NOTIFICATION_ADD
android.intent.action.SERVICE_STATE
android.intent.action.NOTIFICATION_REMOVE
android.intent.action.NOTIFICATION_UPDATE
android.bluetooth.adapter.action.STATE_CHANGED
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.ANY_DATA_STATE
android.net.wifi.STATE_CHANGE
android.intent.action.BOOT_COMPLETED
android.intent.action.SCREEN_ON
android.intent.action.USER_PRESENT

com.skymobi.pay.sms.receiver.SmsReceiver

android.provider.Telephony.SMS_RECEIVED

com.skymobi.pay.sms.receiver.NetworkReceiver

android.net.conn.CONNECTIVITY_CHANGE

Services

com.skymobi.pay.services.SkyPayRemoteService

com.skymobi.pay.sdk.ISkyPayRemoteService

Android Permissions

17f9bf723758b056b369a68d9f215224_JaffaCakes118

Permissions

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.SEND_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Sharing

General

Malware Config

Signatures

Files

zjdgame.ftyx.sky.mm

zjdgame.ftyx.sky.mm.Sky

Activities

zjdgame.ftyx.sky.mm.Sky

mm.purchasesdk.iapservice.BillingLayoutActivity

safiap.framework.ui.UpdateHintActivity

Permissions

Receivers

safiap.framework.CheckUpdateReceiver

Services

mm.purchasesdk.iapservice.PurchaseService

safiap.framework.SafFrameworkManager

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Receivers

.AlixReceiver

Services

.AlixService

com.skymobi.pay.opplugin

com.skymobi.pay.third.activity.impl.EnterChargeCenter

Activities

com.skymobi.pay.third.activity.impl.EnterChargeCenter

Permissions

Receivers

com.skymobi.pay.sms.receiver.BootReceiver

com.skymobi.pay.sms.receiver.SmsReceiver

com.skymobi.pay.sms.receiver.NetworkReceiver

Services

com.skymobi.pay.services.SkyPayRemoteService

Android Permissions

17f9bf723758b056b369a68d9f215224_JaffaCakes118