3fb0ad8ad02f469ab37f3212a35cc9b2_JaffaCakes118

General

Target

3fb0ad8ad02f469ab37f3212a35cc9b2_JaffaCakes118
Size

10.8MB
MD5

3fb0ad8ad02f469ab37f3212a35cc9b2
SHA1

6dacc35ab1c9f4d914e6b5b38b679ff270def7ea
SHA256

4d2c23f2caf042dd1c3a20418260d1114da681f1b3f0a16eb24e5fd22562d22d
SHA512

c3e32d4f08a83020db496be9ea90900c673a9f98f71f497ca6695d79f860c4691fbcbd70f98c20eafb565d8280b4a53947e5f4c5715f6483529d1ad7aabec54a
SSDEEP

196608:0cKJf4QC1uS2Ij1C6NAAITWkMbvIZn0exj+uWq7BNXykmq+meb+N3:zTt11C6fITWXIh7ouWq1pS7u3

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 15 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx

UPX packed file 15 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

3fb0ad8ad02f469ab37f3212a35cc9b2_JaffaCakes118
.apk android arch:arm arch:x86

cn.henzhaoji.and

cn.henzhaoji.and.activity.WelcomeActivity

Activities

cn.henzhaoji.and.activity.WelcomeActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_SETTINGS

Services

Android Permissions

3fb0ad8ad02f469ab37f3212a35cc9b2_JaffaCakes118

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_LOGS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

cn.henzhaoji.and

cn.henzhaoji.and.activity.WelcomeActivity

Activities

cn.henzhaoji.and.activity.WelcomeActivity

Permissions

Services

Android Permissions

3fb0ad8ad02f469ab37f3212a35cc9b2_JaffaCakes118