232201b39504bf76fc3975879e4a769a_JaffaCakes118

General

Target

232201b39504bf76fc3975879e4a769a_JaffaCakes118
Size

13.9MB
MD5

232201b39504bf76fc3975879e4a769a
SHA1

d4add6df24de0782573f50ab9782b9f9d3c79a66
SHA256

7c2897746162c375d7accc6c8e17544d08a8f89a4ec91f5c72db4b217c936f34
SHA512

532e51b37ab73a7ce34fa47bd5266b868f73cfef545fdfea9b5d570867f1549429d7b7c6873ce3b2f9ecfc325ab19e0addf3b33c3fa78ee5c9a706fe0b4766a0
SSDEEP

393216:l3NkxtWt3NRdydQl1U0zspvqka90zTOShQJ+N78C8:l3NkxtsdhX0POsQg7l8

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

232201b39504bf76fc3975879e4a769a_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86

nuozhijia.j5

.andjia.Welcome

Activities

.andjia.Welcome

android.intent.action.MAIN

com.umeng.qq.tencent.AuthActivity

android.intent.action.VIEW

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

Permissions

android.permission.DISABLE_KEYGUARD
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.VIBRATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.GET_TASKS
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.RECORD_AUDIO
android.permission.USE_CREDENTIALS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
com.android.launcher.permission.READ_SETTINGS
android.permission.BROADCAST_STICKY
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
android.permission.CALL_PHONE
android.permission.BLUETOOTH_ADMIN
android.permission.READ_LOGS
android.permission.ACCESS_COARSE_LOCATION
nuozhijia.j5.permission.MIPUSH_RECEIVE

Receivers

com.easemob.chat.EMMonitorReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

.helper.BrocastReceive

com.closeQuestion

.helper.BrocastReceive

UpdateChatRocard

.DemoMessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

Services

Android Permissions

232201b39504bf76fc3975879e4a769a_JaffaCakes118

Permissions

android.permission.DISABLE_KEYGUARD

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.VIBRATE

android.permission.MOUNT_FORMAT_FILESYSTEMS

android.permission.GET_TASKS

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.RECORD_AUDIO

android.permission.USE_CREDENTIALS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

com.android.launcher.permission.READ_SETTINGS

android.permission.BROADCAST_STICKY

android.permission.WRITE_SETTINGS

android.permission.BLUETOOTH

android.permission.CALL_PHONE

android.permission.BLUETOOTH_ADMIN

android.permission.READ_LOGS

android.permission.ACCESS_COARSE_LOCATION

nuozhijia.j5.permission.MIPUSH_RECEIVE

Sharing

General

Malware Config

Signatures

Files

nuozhijia.j5

.andjia.Welcome

Activities

.andjia.Welcome

com.umeng.qq.tencent.AuthActivity

com.sina.weibo.sdk.share.WbShareTransActivity

Permissions

Receivers

com.easemob.chat.EMMonitorReceiver

.helper.BrocastReceive

.helper.BrocastReceive

.DemoMessageReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

Services

Android Permissions

232201b39504bf76fc3975879e4a769a_JaffaCakes118