privateloader | 251b5b19b001260d46ff43d6abd986d1_JaffaCakes118

General

Target

251b5b19b001260d46ff43d6abd986d1_JaffaCakes118
Size

24.0MB
MD5

251b5b19b001260d46ff43d6abd986d1
SHA1

e754de408becde612b9bea17da27ab43851a1bdf
SHA256

c41309b6de4635c11026c50b731d6cc2f51ae30e0c80fd64ba427e7b3fa0ae52
SHA512

8f1afd761f257a01a28108a84eedeed8c5e0a585ecb3ded44137478880cde05487d6f712fc9f56fe4866497983fd97243ebc36d0d05ea7f0efb07912a9a6bf81
SSDEEP

786432:+SgKNB7koR67HgEVoS6kzMo+dD5uPt9xusjhN0reBm:rPDWHgEVoS6w+dD5uPt9x9jhmreBm

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

251b5b19b001260d46ff43d6abd986d1_JaffaCakes118
.apk android arch:arm arch:x86

com.ViperGames.StickmanDismountmod

com.unity3d.player.UnityPlayerNativeActivity

Activities

com.unity3d.player.UnityPlayerNativeActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RESTART_PACKAGES
android.permission.READ_PHONE_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
com.lenovo.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
org.adw.launcher_donut.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.tencent.qqlauncher.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.android.mylauncher.permission.WRITE_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
telecom.mdesk.permission.READ_SETTINGS
telecom.mdesk.permission.WRITE_SETTINGS
dianxin.permission.ACCESS_LAUNCHER_DATA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK

Receivers

com.abc.abc.PushDemoReceiver

com.igexin.sdk.action.nXAcT9p7AU6AL0ZwiznQ71

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.action.7fjUl2Z3LH6xYy7NQK4ni4
com.igexin.sdk.action.nXAcT9p7AU6AL0ZwiznQ71

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.abc.abc.GameRecBroadcast

android.intent.action.DOWNLOAD_COMPLETE

com.example.client.demo.tcp.receiver.NotificationReceiver

android.intent.action.DOWNLOAD_COMPLETE
Notification.Delete

com.example.client.demo.tcp.receiver.ConnectivityAlarmReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_RESTARTED

com.example.client.demo.tcp.receiver.BootAlarmReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_EJECT
com.example.client.demo.tcp.service
android.intent.action.PACKAGE_RESTARTED

com.example.statistics.TimeChangeReceiver

android.intent.action.TIME_TICK
android.intent.action.PACKAGE_RESTARTED

Services

com.example.client.demo.tcp.service.OnlineService

com.example.client.demo.tcp.service.OnlineService

Android Permissions

251b5b19b001260d46ff43d6abd986d1_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.RESTART_PACKAGES

android.permission.READ_PHONE_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

com.lenovo.launcher.permission.READ_SETTINGS

com.lenovo.launcher.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

org.adw.launcher_donut.permission.READ_SETTINGS

org.adw.launcher_donut.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.ViperGames.StickmanDismountmod

com.unity3d.player.UnityPlayerNativeActivity

Activities

com.unity3d.player.UnityPlayerNativeActivity

Permissions

Receivers

com.abc.abc.PushDemoReceiver

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.download.DownloadReceiver

com.abc.abc.GameRecBroadcast

com.example.client.demo.tcp.receiver.NotificationReceiver

com.example.client.demo.tcp.receiver.ConnectivityAlarmReceiver

com.example.client.demo.tcp.receiver.BootAlarmReceiver

com.example.statistics.TimeChangeReceiver

Services

com.example.client.demo.tcp.service.OnlineService

Android Permissions

251b5b19b001260d46ff43d6abd986d1_JaffaCakes118