2b7118155807fc3944e1bbbe8f0587f2_JaffaCakes118

General

Target

2b7118155807fc3944e1bbbe8f0587f2_JaffaCakes118
Size

31.2MB
MD5

2b7118155807fc3944e1bbbe8f0587f2
SHA1

4576fc46dc914104892816a2da9f953a56698b7a
SHA256

c753ddf1252da613107d5e3a3b0aaff75a11b4f9f2ebb57ec6d4c27b400f0374
SHA512

fe3c2c3ddf0c63aabc54067085f768b3e2d9086b5daa5414308e15cba0f6cb54130e696c12e520f227285c674d565dce6676d364515da54088cc2bc9eb5842cd
SSDEEP

786432:37nh0GpHHCtdvPPcR1im/42fnjSCwHPTaRra781YreLIGdg:j6+CbvP0RL4qnj7wvTAa78oeLIGdg

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 9 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

2b7118155807fc3944e1bbbe8f0587f2_JaffaCakes118
.apk .ps1 android arch:arm polyglot

com.tencent.tmgp.xqdzz

com.tja.dynamic.LauncherActivity

Activities

com.tencent.midas.qq.APMidasQQWalletActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.tencent.tmgp.xqdzz.wxapi.WXEntryActivity

android.intent.action.VIEW

com.tja.dynamic.LauncherActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.android.service.ui.MsgManager

com.android.service.ui.msgmanager

Permissions

android.permission.INTERNET
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.GET_TASKS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.ACCESS_COARSE_LOCATION
android.permission.BAIDU_LOCATION_SERVICE
android.permission.ACCES_MOCK_LOCATION

Receivers

com.tjad.BootReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

Services

com.android.service.KeepService

com.android.service.KeepService
ysdk_hackdex.jar
.apk android

Android Permissions

2b7118155807fc3944e1bbbe8f0587f2_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.VIBRATE

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.GET_TASKS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RESTART_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.RESTART_PACKAGES

android.permission.GET_TASKS

android.permission.READ_SMS

android.permission.SEND_SMS

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECEIVE_USER_PRESENT

android.permission.ACCESS_COARSE_LOCATION

android.permission.BAIDU_LOCATION_SERVICE

android.permission.ACCES_MOCK_LOCATION

Sharing

General

Malware Config

Signatures

Files

com.tencent.tmgp.xqdzz

com.tja.dynamic.LauncherActivity

Activities

com.tencent.midas.qq.APMidasQQWalletActivity

com.tencent.tauth.AuthActivity

com.tencent.tmgp.xqdzz.wxapi.WXEntryActivity

com.tja.dynamic.LauncherActivity

com.android.service.ui.MsgManager

Permissions

Receivers

com.tjad.BootReceiver

Services

com.android.service.KeepService

Android Permissions

2b7118155807fc3944e1bbbe8f0587f2_JaffaCakes118