3916390b257b774f556dbe673fb1022a_JaffaCakes118

General

Target

3916390b257b774f556dbe673fb1022a_JaffaCakes118
Size

18.8MB
MD5

3916390b257b774f556dbe673fb1022a
SHA1

40d74cb8cc409e9a46d1a619abad8e58b234b890
SHA256

c530655d16fce0625a451be636d5643c1246d864de18151056888be89402a711
SHA512

6db73135cfa6ee87f48bc054df63ab62a93987307b4ca26c6f9619a7f3a4b620eaa168c53a4073c8016fe6891fa39e7d6afbffe184c47ae23585fa2f2a13e08d
SSDEEP

393216:D1sLh2/lGwKAuS7FMZc/BTaGIA6Se2EOVkKEWdd8Am+CnMgLVjkkorZ7BNkh:D1sLh2/MxS5f/BTiHSTPkKpd9cBjbq7E

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

3916390b257b774f556dbe673fb1022a_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86

ru.ntv.client

ru.ntv.client.ui.activities.ActivitySplash

Activities

ru.ntv.client.ui.activities.ActivitySplash

android.intent.action.MAIN
android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.MAIN
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.VIBRATE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
ru.ntv.client.permission.C2D_MESSAGE

Receivers

ru.ntv.client.ui.widget.WidgetMain

android.appwidget.action.APPWIDGET_UPDATE
android.net.conn.CONNECTIVITY_CHANGE

com.my.tracker.campaign.CampaignReceiver

com.android.vending.INSTALL_REFERRER

com.yandex.metrica.MetricaEventHandler

com.android.vending.INSTALL_REFERRER

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

ru.ntv.client.model.push.GcmService

com.google.firebase.MESSAGING_EVENT

ru.ntv.client.model.push.IDListenerService

com.google.firebase.INSTANCE_ID_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

com.yandex.metrica.ConfigurationService

com.yandex.metrica.configuration.ACTION_START

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

3916390b257b774f556dbe673fb1022a_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.VIBRATE

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

ru.ntv.client.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

ru.ntv.client

ru.ntv.client.ui.activities.ActivitySplash

Activities

ru.ntv.client.ui.activities.ActivitySplash

Permissions

Receivers

ru.ntv.client.ui.widget.WidgetMain

com.my.tracker.campaign.CampaignReceiver

com.yandex.metrica.MetricaEventHandler

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

ru.ntv.client.model.push.GcmService

ru.ntv.client.model.push.IDListenerService

com.google.firebase.messaging.FirebaseMessagingService

com.yandex.metrica.MetricaService

com.yandex.metrica.ConfigurationService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

3916390b257b774f556dbe673fb1022a_JaffaCakes118