privateloader | 3616b05bac621c323b81b7f5e1c1675e_JaffaCakes118

General

Target

3616b05bac621c323b81b7f5e1c1675e_JaffaCakes118
Size

24.1MB
MD5

3616b05bac621c323b81b7f5e1c1675e
SHA1

101cb88d306851bea3d2a522899a36c474326477
SHA256

ccf6238820fc753efc1c5f9c3dd11e4773ad0d5c08ae00768a59aae4b5c76090
SHA512

895b53a724b93197cb59fe45749953ae1ca89a32bab3fc73c393030b18b17e3c5ff1c109774d9c7a89e2d04686687a54b746537831e2ad70bde19bfdb9ad128a
SSDEEP

786432:Luwgb2bGUcz3Troq8pCcuP9e4LpbIGaaZ:922b43TroVIcuP9e8pEGaaZ

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

3616b05bac621c323b81b7f5e1c1675e_JaffaCakes118
.apk android arch:arm arch:x86

com.panda.videoliveplatform

com.panda.videoliveplatform.activity.WelcomeActivity

Activities

com.panda.videoliveplatform.activity.WelcomeActivity

android.intent.action.MAIN

com.panda.videoliveplatform.activity.SchemeActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH

Receivers

tv.panda.component.WakeUpReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.panda.videoliveplatform.pandasocket.LoginReceiverForPs

com.panda.videoliveplatform.action.LOGIN
com.panda.videoliveplatform.action.LOGOUT

com.umeng.message.SystemReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.MessageReceiver

org.agoo.android.intent.action.RECEIVE

com.umeng.message.ElectionReceiver

org.agoo.android.intent.action.ELECTION_RESULT_V4

com.umeng.message.RegistrationReceiver

com.panda.videoliveplatform.intent.action.COMMAND

com.umeng.message.UmengMessageBootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.umeng.message.UmengService

com.panda.videoliveplatform.intent.action.START
com.panda.videoliveplatform.intent.action.COCKROACH
org.agoo.android.intent.action.PING_V4

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService
org.android.agoo.client.ElectionReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.unregistercallback.action
com.umeng.message.message.handler.action
com.umeng.message.autoupdate.handler.action

Android Permissions

3616b05bac621c323b81b7f5e1c1675e_JaffaCakes118

Permissions

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.BLUETOOTH_ADMIN

android.permission.BLUETOOTH

Sharing

General

Malware Config

Signatures

Files

com.panda.videoliveplatform

com.panda.videoliveplatform.activity.WelcomeActivity

Activities

com.panda.videoliveplatform.activity.WelcomeActivity

com.panda.videoliveplatform.activity.SchemeActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

tv.panda.component.WakeUpReceiver

com.panda.videoliveplatform.pandasocket.LoginReceiverForPs

com.umeng.message.SystemReceiver

com.umeng.message.MessageReceiver

com.umeng.message.ElectionReceiver

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengMessageBootReceiver

Services

com.umeng.message.UmengService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

3616b05bac621c323b81b7f5e1c1675e_JaffaCakes118