privateloader | 2b88a087c08012cb81a1e5e4059d6ef7_JaffaCakes118

General

Target

2b88a087c08012cb81a1e5e4059d6ef7_JaffaCakes118
Size

30.3MB
MD5

2b88a087c08012cb81a1e5e4059d6ef7
SHA1

0f29972316364536d94e35bb4156e41790d0afcc
SHA256

2460d37c3da7b17d042cae66777d4f6ad63c27caca25222d28edb00604abb8e9
SHA512

930527f9f4d46948b9c99b3dfede67d26bc826e69b180b3dec34b99f0a4d54883b622058a2ca8fdc6bc24fd942a6f286473d807960352d8c8a759f8734766248
SSDEEP

786432:08LMd8qMMOPlaOs4PmEAlbBA/ZNLGuA2oyEcd:02MD3OPlaOs4PVAlbBikXId

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

2b88a087c08012cb81a1e5e4059d6ef7_JaffaCakes118
.apk android arch:arm arch:x86

com.vitotechnology.SolarWalk2

com.vitotechnology.common.GooglePlayBillingActivity

Activities

com.vitotechnology.common.GooglePlayBillingActivity

com.vitotechnology.SolarWalk2.MESSAGE
android.intent.action.MAIN
android.intent.action.VIEW

com.facebook.unity.FBUnityAppLinkActivity

android.intent.action.VIEW

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.GET_ACCOUNTS
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
disabled_com.android.vending.CHECK_LICENSE
com.android.vending.BILLING
android.permission.BROADCAST_STICKY
android.permission.VIBRATE
com.vitotechnology.SolarWalk2.permission.C2D_MESSAGE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
com.majeur.launcher.permission.UPDATE_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
android.permission.READ_APP_BADGE
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
me.everything.badger.permission.BADGE_COUNT_READ
me.everything.badger.permission.BADGE_COUNT_WRITE
com.google.android.c2dm.permission.RECEIVE

Receivers

universal.tools.notifications.ScheduledNotificationsRestorer

android.intent.action.BOOT_COMPLETED

com.onesignal.GcmBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.onesignal.BootUpReceiver

android.intent.action.ACTION_BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.onesignal.UpgradeReceiver

android.intent.action.MY_PACKAGE_REPLACED

Services

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

2b88a087c08012cb81a1e5e4059d6ef7_JaffaCakes118

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.GET_ACCOUNTS

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

disabled_com.android.vending.CHECK_LICENSE

com.android.vending.BILLING

android.permission.BROADCAST_STICKY

android.permission.VIBRATE

com.vitotechnology.SolarWalk2.permission.C2D_MESSAGE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_EXTERNAL_STORAGE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.UPDATE_SHORTCUT

com.sonyericsson.home.permission.BROADCAST_BADGE

com.sonymobile.home.permission.PROVIDER_INSERT_BADGE

com.anddoes.launcher.permission.UPDATE_COUNT

com.majeur.launcher.permission.UPDATE_BADGE

com.huawei.android.launcher.permission.CHANGE_BADGE

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

android.permission.READ_APP_BADGE

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

me.everything.badger.permission.BADGE_COUNT_READ

me.everything.badger.permission.BADGE_COUNT_WRITE

com.google.android.c2dm.permission.RECEIVE

Sharing

General

Malware Config

Signatures

Files

com.vitotechnology.SolarWalk2

com.vitotechnology.common.GooglePlayBillingActivity

Activities

com.vitotechnology.common.GooglePlayBillingActivity

com.facebook.unity.FBUnityAppLinkActivity

Permissions

Receivers

universal.tools.notifications.ScheduledNotificationsRestorer

com.onesignal.GcmBroadcastReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.onesignal.BootUpReceiver

com.onesignal.UpgradeReceiver

Services

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

2b88a087c08012cb81a1e5e4059d6ef7_JaffaCakes118