27013e07bf09d13bcfc7bbf2887487ed_JaffaCakes118

General

Target

27013e07bf09d13bcfc7bbf2887487ed_JaffaCakes118
Size

31.7MB
MD5

27013e07bf09d13bcfc7bbf2887487ed
SHA1

add44d2786046b90bfeb700d226cfb010ac0bb06
SHA256

ba385d2ddbed5e6e101afbc3b2e09fc84c3633fa14abe8ab8281a4a18c0cc04d
SHA512

0c6e8a6e666787368cfcbf8e59842f17a8d128fc16dead7f131512e4529ca16ea26dd56ad6af2284184f0434a908da8bf995f06cda0e1f0b114c15ddff7b348b
SSDEEP

786432:z4X6aLRh6HslGXKKc9gioCQI0P4wZHZ2kEeHerMUIgyYKsaQA+:z4KaT6MlG6Kc2kX0AWHZ2kE8ePIg1jq+

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

27013e07bf09d13bcfc7bbf2887487ed_JaffaCakes118
.apk android arch:arm

com.ushaqi.zhuishushenqa

com.ushaqi.zhuishushenqi.ui.SplashActivity

Activities

com.ushaqi.zhuishushenqi.ui.SplashActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.ushaqi.zhuishushenqi.ui.home.HomeActivity

android.intent.action.VIEW

com.ushaqi.zhuishushenqi.ui.post.PostDetailActivity

android.intent.action.VIEW

com.ushaqi.zhuishushenqi.reader.txt.ReaderTxtActivity

com.ushaqi.zhuishushenqi.ACTION_READ_TXT

com.ushaqi.zhuishushenqi.ui.AdWebViewActivity

com.ushaqi.zhuishushenqi.ui.activity.webview

com.ushaqi.zhuishushenqi.ui.user.BindPhoneActivity

android.intent.action.VIEW

com.ushaqi.zhuishushenqi.ui.DisclaimerActivity

.ui.DisclaimerActivity

com.mob.tools.MobUIShell

android.intent.action.VIEW

com.ushaqi.zhuishushenqi.wxapi.WXPayEntryActivity

android.intent.action.VIEW

com.ushaqi.zhuishushenqi.pay.qqpay.QQPayCallbackActivity

android.intent.action.VIEW

com.maxthon.main.InitActivity

android.intent.action.VIEW

com.maxthon.proxy.MgeWebViewActivity

android.intent.action.VIEW

com.maxthon.proxy.MgeActivity

com.open.game.shortcutbox

com.maxthon.proxy.ShortcutActivity

com.open.gamecenter.shortcutbox

com.chukong.cocosplay.GameActivity

com.chukong.cocosplay.VIEW

com.chukong.cocosplay.GameLandscapeActivity

com.chukong.cocosplay.VIEW

com.chukong.cocosplay.runtime.CocosRuntimeActivity

com.chukong.cocosplay.VIEW

com.chukong.cocosplay.LoadActivity

com.chukong.cocosplay.VIEW

com.chukong.cocosplay.LoadFragmentActivity

com.chukong.cocosplay.VIEW

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.WAKE_LOCK
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_org.adw.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_org.adw.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.htc.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.htc.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.qihoo360.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.qihoo360.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.lge.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.lge.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_net.qihoo.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_net.qihoo.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_org.adwfreak.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_org.adwfreak.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_org.adw.launcher_donut.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_org.adw.launcher_donut.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.launcher3.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.launcher3.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.fede.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.fede.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.anddoes.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.anddoes.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.tencent.qqlauncher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.tencent.qqlauncher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.launcher2.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.launcher2.permission.WRITE_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.android.mylauncher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.ebproductions.android.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.ebproductions.android.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.oppo.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.oppo.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.miui.mihome2.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.miui.mihome2.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.android.launcher.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_com.huawei.android.launcher.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_telecom.mdesk.permission.READ_SETTINGS
com.ushaqi.zhuishushenqa_telecom.mdesk.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_dianxin.permission.ACCESS_LAUNCHER_DATA
android.permission.CHANGE_NETWORK_STATE
android.permission.RESTART_PACKAGES
android.permission.WRITE_SETTINGS
com.ushaqi.zhuishushenqa_com.meizu.flyme.push.permission.RECEIVE
com.ushaqi.zhuishushenqa_com.meizu.c2dm.permission.RECEIVE
com.ushaqi.zhuishushenqa.push.permission.MESSAGE
android.permission.FLASHLIGHT
com.ushaqi.zhuishushenqa_com.sec.android.provider.badge.permission.READ
com.ushaqi.zhuishushenqa_com.sec.android.provider.badge.permission.WRITE
com.ushaqi.zhuishushenqa_com.htc.launcher.permission.UPDATE_SHORTCUT
com.ushaqi.zhuishushenqa_com.sonyericsson.home.permission.BROADCAST_BADGE
com.ushaqi.zhuishushenqa_com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.ushaqi.zhuishushenqa_com.anddoes.launcher.permission.UPDATE_COUNT
com.ushaqi.zhuishushenqa_com.majeur.launcher.permission.UPDATE_BADGE
com.ushaqi.zhuishushenqa_com.huawei.android.launcher.permission.CHANGE_BADGE
android.permission.READ_APP_BADGE
com.ushaqi.zhuishushenqa_me.everything.badger.permission.BADGE_COUNT_READ
com.ushaqi.zhuishushenqa_me.everything.badger.permission.BADGE_COUNT_WRITE

Receivers

com.ushaqi.zhuishushenqi.pay.weixin.AppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

com.ushaqi.zhuishushenqi.event.DownloadCompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.ushaqi.zhuishushenqi.event.AppInstalledReceiver

android.intent.action.PACKAGE_ADDED

com.ushaqi.zhuishushenqi.event.ClickDownloadItemReceiver

android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

com.ushaqi.zhuishushenqi.download.ConnectionChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.iBookStar.activityComm.AppInstallReceiver

android.intent.action.PACKAGE_ADDED
com.ushaqi.zhuishushenqi.download.complete
com.ushaqi.zhuishushenqi.install.complete

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.meizu.cloud.pushsdk.SystemReceiver

com.meizu.cloud.pushservice.action.PUSH_SERVICE_START

com.igexin.sdk.FlymePushReceiver

com.meizu.flyme.push.intent.MESSAGE
com.meizu.flyme.push.intent.REGISTER.FEEDBACK
com.meizu.flyme.push.intent.UNREGISTER.FEEDBACK
com.meizu.c2dm.intent.REGISTRATION
com.meizu.c2dm.intent.RECEIVE

com.igexin.sdk.MiuiPushReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.igexin.sdk.HmsPushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

com.maxthon.proxy.MgeResetServerReceiver

com.maxthon.mge.MgePaymentReset

com.maxthon.proxy.GeneralReceiver

com.maxthon.mge.GeneralReceiver

Services

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

Android Permissions

27013e07bf09d13bcfc7bbf2887487ed_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.WAKE_LOCK

android.permission.READ_EXTERNAL_STORAGE

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_org.adw.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_org.adw.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.htc.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.htc.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.qihoo360.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.qihoo360.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.lge.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.lge.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_net.qihoo.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_net.qihoo.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_org.adwfreak.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_org.adwfreak.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_org.adw.launcher_donut.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_org.adw.launcher_donut.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.huawei.launcher3.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.huawei.launcher3.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.fede.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.fede.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.sec.android.app.twlauncher.settings.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.sec.android.app.twlauncher.settings.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.anddoes.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.anddoes.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.tencent.qqlauncher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.tencent.qqlauncher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.huawei.launcher2.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.huawei.launcher2.permission.WRITE_SETTINGS

com.android.mylauncher.permission.READ_SETTINGS

com.android.mylauncher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.ebproductions.android.launcher.permission.READ_SETTINGS

com.ushaqi.zhuishushenqa_com.ebproductions.android.launcher.permission.WRITE_SETTINGS

com.ushaqi.zhuishushenqa_com.oppo.launcher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.ushaqi.zhuishushenqa

com.ushaqi.zhuishushenqi.ui.SplashActivity

Activities

com.ushaqi.zhuishushenqi.ui.SplashActivity

com.ushaqi.zhuishushenqi.ui.home.HomeActivity

com.ushaqi.zhuishushenqi.ui.post.PostDetailActivity

com.ushaqi.zhuishushenqi.reader.txt.ReaderTxtActivity

com.ushaqi.zhuishushenqi.ui.AdWebViewActivity

com.ushaqi.zhuishushenqi.ui.user.BindPhoneActivity

com.ushaqi.zhuishushenqi.ui.DisclaimerActivity

com.mob.tools.MobUIShell

com.ushaqi.zhuishushenqi.wxapi.WXPayEntryActivity

com.ushaqi.zhuishushenqi.pay.qqpay.QQPayCallbackActivity

com.maxthon.main.InitActivity

com.maxthon.proxy.MgeWebViewActivity

com.maxthon.proxy.MgeActivity

com.maxthon.proxy.ShortcutActivity

com.chukong.cocosplay.GameActivity

com.chukong.cocosplay.GameLandscapeActivity

com.chukong.cocosplay.runtime.CocosRuntimeActivity

com.chukong.cocosplay.LoadActivity

com.chukong.cocosplay.LoadFragmentActivity

Permissions

Receivers

com.ushaqi.zhuishushenqi.pay.weixin.AppRegister

com.ushaqi.zhuishushenqi.event.DownloadCompleteReceiver

com.ushaqi.zhuishushenqi.event.AppInstalledReceiver

com.ushaqi.zhuishushenqi.event.ClickDownloadItemReceiver

com.ushaqi.zhuishushenqi.download.ConnectionChangeReceiver

com.iBookStar.activityComm.AppInstallReceiver

com.igexin.sdk.PushReceiver

com.meizu.cloud.pushsdk.SystemReceiver

com.igexin.sdk.FlymePushReceiver

com.igexin.sdk.MiuiPushReceiver

com.igexin.sdk.HmsPushReceiver

com.huawei.hms.support.api.push.PushEventReceiver

com.maxthon.proxy.MgeResetServerReceiver

com.maxthon.proxy.GeneralReceiver

Services

com.igexin.sdk.PushService

Android Permissions

27013e07bf09d13bcfc7bbf2887487ed_JaffaCakes118