2bb406c59fc759657dc5d3de25c4dff7_JaffaCakes118

General

Target

2bb406c59fc759657dc5d3de25c4dff7_JaffaCakes118
Size

7.2MB
MD5

2bb406c59fc759657dc5d3de25c4dff7
SHA1

0ceb571364512e560ea57d19fb3eefafc4cc7365
SHA256

ebc81dff64acf02b8f96632b9c17252da5c43bb7ddc322e705867b5914a7cd33
SHA512

861d59413094c3256169742123b1bc929a761fa8f0ec7e2d9765d63f2ce4c6ef4444cb3c459df4db305483086b7226d26c72ad8684b41fb8972a006dfbe880df
SSDEEP

98304:pThapY9D+3nIUPOu86t1o2E7cVnsZymt1gBr9gzL6S82xLxPy/SYNlh3O8tLhW+H:B4Y9i3IGL8syzPEBhULFJ6KYxVM+TtJ7

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

2bb406c59fc759657dc5d3de25c4dff7_JaffaCakes118
.apk android arch:x64 arch:arm64 arch:x86 arch:mips64 arch:arm arch:mips

ir.ashpaz.mobileapp

ir.ashpaz.mobileapp.MainActivity

Activities

ir.ashpaz.mobileapp.MainActivity

android.intent.action.MAIN
android.intent.action.SEARCH
android.intent.action.VIEW

ir.ashpaz.mobileapp.RssActivity

ir.ashpaz.mobileapp.RssActivity

ir.ashpaz.mobileapp.ListActivity

ir.ashpaz.mobileapp.ListActivity

ir.ashpaz.mobileapp.SearchActivity

ir.ashpaz.mobileapp.SearchActivity

ir.ashpaz.mobileapp.PageActivity

ir.ashpaz.mobileapp.PageActivity

ir.ashpaz.mobileapp.WebActivity

ir.ashpaz.mobileapp.WebActivity

ir.ashpaz.mobileapp.HtmlActivity

ir.ashpaz.mobileapp.HtmlActivity

ir.ashpaz.mobileapp.BookmarksActivity

ir.ashpaz.mobileapp.BookmarksActivity

ir.ashpaz.mobileapp.SettingActivity

ir.ashpaz.mobileapp.SettingActivity

ir.ashpaz.mobileapp.UpdateActivity

ir.ashpaz.mobileapp.UpdateActivity

ir.ashpaz.mobileapp.AudioPlayer

ir.ashpaz.mobileapp.AudioPlayer

ir.ashpaz.mobileapp.JoAppVideoPlayer

ir.ashpaz.mobileapp.JoAppVideoPlayer

ir.ashpaz.mobileapp.ImageViewActivity

ir.ashpaz.mobileapp.ImageViewActivity

ir.ashpaz.mobileapp.GalleryActivity

ir.ashpaz.mobileapp.GalleryActivity

ir.ashpaz.mobileapp.PayActivity

ir.ashpaz.mobileapp.PayActivity

ir.ashpaz.mobileapp.PayActivityHP

ir.ashpaz.mobileapp.PayActivityHP

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_PHONE_STATE

Receivers

co.ronash.pushe.receiver.UpdateReceiver

android.intent.action.PACKAGE_REPLACED

co.ronash.pushe.receiver.BootAndScreenReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

co.ronash.pushe.receiver.ConnectivityReceiver

android.net.conn.CONNECTIVITY_CHANGE

co.ronash.pushe.receiver.AddReceiver

com.evernote.android.job.ADD_JOB_CREATOR

co.ronash.pushe.receiver.AppChangeReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_FULLY_REMOVED

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

ir.ashpaz.mobileapp.MyPushListener

co.ronash.pushe.RECEIVE

co.ronash.pushe.service.ScreenStateService

co.ronash.pushe.service.ScreenStateService

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

co.ronash.pushe.fcm.FcmService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

ir.adad.notification.notification.AdadNotificationActionIntentService

ir.adad.notification.actions.adad_notification_action.click
ir.adad.notification.actions.adad_notification_action.delete

Android Permissions

2bb406c59fc759657dc5d3de25c4dff7_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

ir.ashpaz.mobileapp

ir.ashpaz.mobileapp.MainActivity

Activities

ir.ashpaz.mobileapp.MainActivity

ir.ashpaz.mobileapp.RssActivity

ir.ashpaz.mobileapp.ListActivity

ir.ashpaz.mobileapp.SearchActivity

ir.ashpaz.mobileapp.PageActivity

ir.ashpaz.mobileapp.WebActivity

ir.ashpaz.mobileapp.HtmlActivity

ir.ashpaz.mobileapp.BookmarksActivity

ir.ashpaz.mobileapp.SettingActivity

ir.ashpaz.mobileapp.UpdateActivity

ir.ashpaz.mobileapp.AudioPlayer

ir.ashpaz.mobileapp.JoAppVideoPlayer

ir.ashpaz.mobileapp.ImageViewActivity

ir.ashpaz.mobileapp.GalleryActivity

ir.ashpaz.mobileapp.PayActivity

ir.ashpaz.mobileapp.PayActivityHP

Permissions

Receivers

co.ronash.pushe.receiver.UpdateReceiver

co.ronash.pushe.receiver.BootAndScreenReceiver

co.ronash.pushe.receiver.ConnectivityReceiver

co.ronash.pushe.receiver.AddReceiver

co.ronash.pushe.receiver.AppChangeReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

ir.ashpaz.mobileapp.MyPushListener

co.ronash.pushe.service.ScreenStateService

com.evernote.android.job.gcm.PlatformGcmService

co.ronash.pushe.fcm.FcmService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

ir.adad.notification.notification.AdadNotificationActionIntentService

Android Permissions

2bb406c59fc759657dc5d3de25c4dff7_JaffaCakes118