1ef8edba3d960e5fadd2799e33fb4587_JaffaCakes118

General

Target

1ef8edba3d960e5fadd2799e33fb4587_JaffaCakes118
Size

13.8MB
MD5

1ef8edba3d960e5fadd2799e33fb4587
SHA1

bc4098901045eea0a8e2929498c793dc88e59acd
SHA256

6af3de43b04ebebf484eeb95bb49c32c36eb8b4d7220c39b0e26b1eaad199fa3
SHA512

713329bf872d5090655f72b8e318d5cf7a45b535bc6b3e165268f8bbcefd929dbdbbba0eb4857c57975b49c963d82dc60a988244ae5010a8c57107f9c8827389
SSDEEP

393216:oMpQUgkYtANsdAqtSityHKNd9fxmd2wvqVRnBzq9:oMpPGAqDkHo7G2wviRnc9

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

1ef8edba3d960e5fadd2799e33fb4587_JaffaCakes118
.apk android arch:arm

cn.dxy.android.aspirin

cn.dxy.android.aspirin.startup.StartupActivity

Activities

cn.dxy.android.aspirin.startup.StartupActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

cn.dxy.library.getui.OfflineLauncherActivity

android.intent.action.oppopush

cn.dxy.library.getui.OppoLauncherActivity

cn.dxy.android.aspirin.oppopush

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.sina.weibo.sdk.share.WbShareToStoryActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_STORY

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.REQUEST_INSTALL_PACKAGES
getui.permission.GetuiService.cn.dxy.android.aspirin
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_LOGS
android.permission.CAMERA
android.permission.CHANGE_NETWORK_STATE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
android.permission.WRITE_SETTINGS
com.meizu.flyme.push.permission.RECEIVE
com.meizu.c2dm.permission.RECEIVE
cn.dxy.android.aspirin.push.permission.MESSAGE
cn.dxy.android.aspirin.permission.C2D_MESSAGE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
cn.dxy.android.aspirin.permission.MIPUSH_RECEIVE

Receivers

cn.dxy.android.aspirin.ui.service.PushMessageReceiver

cn.dxy.getui.push.RECEIVE_MESSAGE
cn.dxy.getui.push.CLICK_MESSAGE
cn.dxy.oppo.push.CLICK_MESSAGE
cn.dxy.vivo.push.CLICK_MESSAGE

cn.dxy.android.aspirin.stat.DXYSSOStatReceiver

cn.dxy.intent.action.DXY_STATICS_ACTION

android.support.v4.media.session.MediaButtonReceiver

android.intent.action.MEDIA_BUTTON

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

cn.dxy.library.getui.VivoPushMessageReceiver

com.vivo.pushclient.action.RECEIVE

com.bugtags.library.BugtagsReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.igexin.sdk.HmsPushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

com.meizu.cloud.pushsdk.SystemReceiver

com.meizu.cloud.pushservice.action.PUSH_SERVICE_START

com.igexin.sdk.FlymePushReceiver

com.meizu.flyme.push.intent.MESSAGE
com.meizu.flyme.push.intent.REGISTER.FEEDBACK
com.meizu.flyme.push.intent.UNREGISTER.FEEDBACK
com.meizu.c2dm.intent.REGISTRATION
com.meizu.c2dm.intent.RECEIVE

com.igexin.sdk.MiuiPushReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

Services

cn.dxy.aspirin.lecture.audioplay.MusicService

android.media.browse.MediaBrowserService

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

com.coloros.mcssdk.PushService

com.coloros.mcs.action.RECEIVE_MCS_MESSAGE

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.getui.gtc.GtcService

com.getui.gtc.sdk.service.action

Android Permissions

1ef8edba3d960e5fadd2799e33fb4587_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.REQUEST_INSTALL_PACKAGES

getui.permission.GetuiService.cn.dxy.android.aspirin

com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_LOGS

android.permission.CAMERA

android.permission.CHANGE_NETWORK_STATE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.google.android.c2dm.permission.RECEIVE

android.permission.WRITE_SETTINGS

com.meizu.flyme.push.permission.RECEIVE

com.meizu.c2dm.permission.RECEIVE

cn.dxy.android.aspirin.push.permission.MESSAGE

cn.dxy.android.aspirin.permission.C2D_MESSAGE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

cn.dxy.android.aspirin.permission.MIPUSH_RECEIVE

Sharing

General

Malware Config

Signatures

Files

cn.dxy.android.aspirin

cn.dxy.android.aspirin.startup.StartupActivity

Activities

cn.dxy.android.aspirin.startup.StartupActivity

com.tencent.tauth.AuthActivity

cn.dxy.library.getui.OfflineLauncherActivity

cn.dxy.library.getui.OppoLauncherActivity

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.share.WbShareToStoryActivity

Permissions

Receivers

cn.dxy.android.aspirin.ui.service.PushMessageReceiver

cn.dxy.android.aspirin.stat.DXYSSOStatReceiver

android.support.v4.media.session.MediaButtonReceiver

com.igexin.sdk.PushReceiver

cn.dxy.library.getui.VivoPushMessageReceiver

com.bugtags.library.BugtagsReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.igexin.sdk.HmsPushReceiver

com.huawei.hms.support.api.push.PushEventReceiver

com.meizu.cloud.pushsdk.SystemReceiver

com.igexin.sdk.FlymePushReceiver

com.igexin.sdk.MiuiPushReceiver

Services

cn.dxy.aspirin.lecture.audioplay.MusicService

com.igexin.sdk.PushService

com.coloros.mcssdk.PushService

com.google.firebase.iid.FirebaseInstanceIdService

com.getui.gtc.GtcService

Android Permissions

1ef8edba3d960e5fadd2799e33fb4587_JaffaCakes118