3b6a18666c7c2cd5609f15d369f410e3_JaffaCakes118

General

Target

3b6a18666c7c2cd5609f15d369f410e3_JaffaCakes118
Size

10.7MB
MD5

3b6a18666c7c2cd5609f15d369f410e3
SHA1

5c2afc6b710ab5acce75831b9b69d1aad2b73c6b
SHA256

e72802c025e032aca983398c10e2b978165952be1ae640704d05e930f5969fcc
SHA512

ce6ed8a7c8bbfcf0003c32add4618fc16aa06d16273a179def30fdf0b3ff45d20a2c82a0661791a530a2b21dfff15e99bbed2a3a5b3e1e52b9df8a1cc04ba160
SSDEEP

196608:dZNxKOyRROCIu6m9ohoX6D023CHC+1pQc1nsNCG+d450QiVhyYOyuUGRRl:JLcROCIu6m9ou7DjOdDiVlaUY

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by quick settings tile services to bind with the system. Allows apps to add custom tiles to the quick settings menu.	android.permission.BIND_QUICK_SETTINGS_TILE

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

3b6a18666c7c2cd5609f15d369f410e3_JaffaCakes118
.apk android arch:arm

com.njh.biubiu

com.njh.ping.core.business.LauncherActivity

Activities

com.njh.ping.detail.fragment.LaunchVPNActivity

android.intent.action.MAIN

com.njh.ping.core.business.LauncherActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.njh.ping.core.business.navi.RedirectActivity

android.intent.action.VIEW

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.CHANGE_NETWORK_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.miui.mihome2.permission.READ_SETTINGS
com.miui.mihome2.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.PACKAGE_USAGE_STATS
android.permission.BLUETOOTH
android.permission.READ_SETTINGS
android.permission.VIBRATE
com.njh.biubiu.permission.MIPUSH_RECEIVE
com.meizu.flyme.push.permission.RECEIVE
com.njh.biubiu.push.permission.MESSAGE
com.meizu.c2dm.permission.RECEIVE
com.njh.biubiu.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE

Receivers

com.njh.ping.core.libraries.notification.receiver.RtNotificationReceiver

com.njh.ping.action.notification.click
com.njh.ping.action.notification.show
com.njh.ping.action.notification.dismiss

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.njh.biubiu.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

com.njh.biubiu.MeiZuPushMsgReceiver

com.meizu.flyme.push.intent.MESSAGE
com.meizu.flyme.push.intent.REGISTER.FEEDBACK
com.meizu.flyme.push.intent.UNREGISTER.FEEDBACK
com.meizu.c2dm.intent.REGISTRATION
com.meizu.c2dm.intent.RECEIVE

org.android.agoo.huawei.HuaweiPushReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.meizu.cloud.pushsdk.SystemReceiver

com.meizu.cloud.pushservice.action.PUSH_SERVICE_START

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.njh.vpncore.android.OnBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MY_PACKAGE_REPLACED

Services

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.taobao.agoo.TaobaoMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.njh.ping.core.service.PingAgooService

org.agoo.android.intent.action.RECEIVE

org.android.agoo.gcm.AgooFirebaseInstanceIDService

com.google.firebase.INSTANCE_ID_EVENT

org.android.agoo.gcm.AgooFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.njh.vpncore.core.OpenVPNService

android.net.VpnService

com.njh.vpncore.android.OpenVPNTileService

android.service.quicksettings.action.QS_TILE

Android Permissions

3b6a18666c7c2cd5609f15d369f410e3_JaffaCakes118

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.CHANGE_NETWORK_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.huawei.launcher2.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.miui.mihome2.permission.READ_SETTINGS

com.miui.mihome2.permission.WRITE_SETTINGS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.PACKAGE_USAGE_STATS

android.permission.BLUETOOTH

android.permission.READ_SETTINGS

android.permission.VIBRATE

com.njh.biubiu.permission.MIPUSH_RECEIVE

com.meizu.flyme.push.permission.RECEIVE

com.njh.biubiu.push.permission.MESSAGE

com.meizu.c2dm.permission.RECEIVE

com.njh.biubiu.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

Sharing

General

Malware Config

Signatures

Files

com.njh.biubiu

com.njh.ping.core.business.LauncherActivity

Activities

com.njh.ping.detail.fragment.LaunchVPNActivity

com.njh.ping.core.business.LauncherActivity

com.njh.ping.core.business.navi.RedirectActivity

Permissions

Receivers

com.njh.ping.core.libraries.notification.receiver.RtNotificationReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

com.njh.biubiu.MeiZuPushMsgReceiver

org.android.agoo.huawei.HuaweiPushReceiver

com.huawei.hms.support.api.push.PushEventReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.meizu.cloud.pushsdk.SystemReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.njh.vpncore.android.OnBootReceiver

Services

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.taobao.agoo.TaobaoMessageIntentReceiverService

com.njh.ping.core.service.PingAgooService

org.android.agoo.gcm.AgooFirebaseInstanceIDService

org.android.agoo.gcm.AgooFirebaseMessagingService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.njh.vpncore.core.OpenVPNService

com.njh.vpncore.android.OpenVPNTileService

Android Permissions

3b6a18666c7c2cd5609f15d369f410e3_JaffaCakes118