34d4cf861ec50fbd4e10744d27a65e18_JaffaCakes118

General

Target

34d4cf861ec50fbd4e10744d27a65e18_JaffaCakes118
Size

24.9MB
MD5

34d4cf861ec50fbd4e10744d27a65e18
SHA1

3589506e0f7614747038bb392f892d21d1afc997
SHA256

7ce807994b0fda293419e6ba9a2971a2196c517b50755adc2890b06f6f9d2257
SHA512

e608e2feb2fe252d4318aae5b97b5317c5456258083b27a4aba8d9916a8e4da5f7c045f0bb0c56b02594cff290184a618c76bd1b1be95d7a6c8423016732e794
SSDEEP

786432:vjjFy1LQPVskaNl+lTHGWaec0bWREpbjSNAXMf:vY1LETTa+0SMf

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

34d4cf861ec50fbd4e10744d27a65e18_JaffaCakes118
.apk android arch:arm

cn.sparkgame.AllMen.MM

com.vicky.gameplugin.LewanPluginActivity

Activities

com.vicky.gameplugin.LewanPluginActivity

android.intent.action.MAIN

mm.purchasesdk.iapservice.BillingLayoutActivity

cn.sparkgame.AllMen.MM.com.mmiap.activity

safiap.framework.ui.UpdateHintActivity

safiap.framework.ACTION_TO_INSTALL
safiap.framework.ACTION_TO_INSTALL_IAP
safiap.framework.ACTION_NETWORK_ERROR_IAP
safiap.framework.ACTION_NETWORK_ERROR_FRAMEWORK

neo.proxy.ToolActivity

com.secneo.proxy.action.CUSTOM

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS

Receivers

safiap.framework.CheckUpdateReceiver

safiap.framework.ACTION_CANCEL_NOTIFICATION
safiap.GET_SHARED_DATA
safiap.framework.ACTION_SET_TIMER

neo.proxy.DistributeReceiver

android.intent.action.ACTION_POWER_CONNECTED
com.secneo.plugin.action.HOURLY
com.secneo.plugin.action.DAILY
com.secneo.plugin.action.APP_STARTED
android.net.conn.CONNECTIVITY_CHANGE
com.secneo.proxy.action.CUSTOM

Services

mm.purchasesdk.iapservice.PurchaseService

com.aspire.purchaseservice.BIND
cn.sparkgame.AllMen.MM.purchaseservice.BIND
android.intent.action.MAIN

safiap.framework.SafFrameworkManager

safiap.framework.sdk.ISAFFramework
safiap.framework.ACTION_START_DOWNLOAD
safiap.framework.ACTION_CHECK_UPDATE
7723box_pjz.apk
.apk android arch:arm

com.upgadata.up7723

com.upgadata.up7723.home.MainActivity

Activities

com.upgadata.up7723.home.MainActivity

android.intent.action.MAIN

Permissions

android.permission.GET_PACKAGE_SIZE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.WRITE_SETTINGS

Receivers

com.upgadata.up7723.apps.BootReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.upgadata.up7723.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

Services

com.upgadata.up7723.http.download.DownloadService

download.service.action

com.umeng.message.UmengService

com.upgadata.up7723.intent.action.START
com.upgadata.up7723.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2
container.apk
.apk android

Android Permissions

34d4cf861ec50fbd4e10744d27a65e18_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

cn.sparkgame.AllMen.MM

com.vicky.gameplugin.LewanPluginActivity

Activities

com.vicky.gameplugin.LewanPluginActivity

mm.purchasesdk.iapservice.BillingLayoutActivity

safiap.framework.ui.UpdateHintActivity

neo.proxy.ToolActivity

Permissions

Receivers

safiap.framework.CheckUpdateReceiver

neo.proxy.DistributeReceiver

Services

mm.purchasesdk.iapservice.PurchaseService

safiap.framework.SafFrameworkManager

com.upgadata.up7723

com.upgadata.up7723.home.MainActivity

Activities

com.upgadata.up7723.home.MainActivity

Permissions

Receivers

com.upgadata.up7723.apps.BootReceiver

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

Services

com.upgadata.up7723.http.download.DownloadService

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

Android Permissions

34d4cf861ec50fbd4e10744d27a65e18_JaffaCakes118