437c0450662b871213d1c6a63923dad8_JaffaCakes118

General

Target

437c0450662b871213d1c6a63923dad8_JaffaCakes118
Size

31.6MB
MD5

437c0450662b871213d1c6a63923dad8
SHA1

fb87a2ed7324b27e7674812d5df4b0986af535aa
SHA256

13440cf44e7c2b81681e32cd94f2463ccd3ffc01dfd5ec753362a97ed3ebf363
SHA512

08486c6a080b1dcd897edd757e486598ed0e30954c1e71eff86aa9b9c484236075704d0647c648efe689a8718999e723151db250224319e5724fdb14088918dd
SSDEEP

786432:23QzlVLSWUqwFcXVEWnBWW3LUQoOI6FN1KGSlnyXm23o9LJdP5:rSrFcGQBB9Slny2io1Jdh

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 13 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

437c0450662b871213d1c6a63923dad8_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86

com.net.jiubao.merchants

com.net.jiubao.merchants.main.ui.activity.StartActivity

Activities

com.net.jiubao.merchants.main.ui.activity.StartActivity

android.intent.action.MAIN

com.net.jiubao.merchants.main.ui.activity.MainActivity

android.intent.action.VIEW
jpush.testAction

com.net.jiubao.merchants.wxapi.WXPayEntryActivity

android.intent.action.VIEW

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

com.mob.tools.MobUIShell

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

cn.sharesdk.tencent.qq.ReceiveActivity

android.intent.action.VIEW

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECORD_AUDIO
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.GET_TASKS
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.BLUETOOTH
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.BROADCAST_STICKY
android.permission.BLUETOOTH_ADMIN
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.REORDER_TASKS
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_USER_PRESENT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERACT_ACROSS_USERS
com.net.jiubao.merchants.permission.JPUSH_MESSAGE

Receivers

com.netease.nimlib.service.NimReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

com.net.jiubao.merchants.base.library.receiver.JPushReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.CONNECTION

com.net.jiubao.merchants.base.library.receiver.MyJPushMessageReceiver

cn.jpush.android.intent.RECEIVE_MESSAGE

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

Services

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

com.blankj.utilcode.util.MessengerUtils$ServerService

com.net.jiubao.merchants.messenger

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

Android Permissions

437c0450662b871213d1c6a63923dad8_JaffaCakes118

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECORD_AUDIO

android.permission.WAKE_LOCK

android.permission.ACCESS_WIFI_STATE

android.permission.READ_LOGS

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.GET_TASKS

android.permission.MANAGE_ACCOUNTS

android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.BLUETOOTH

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.BROADCAST_STICKY

android.permission.BLUETOOTH_ADMIN

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_SETTINGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

android.permission.REORDER_TASKS

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_USER_PRESENT

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.INTERACT_ACROSS_USERS

com.net.jiubao.merchants.permission.JPUSH_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.net.jiubao.merchants

com.net.jiubao.merchants.main.ui.activity.StartActivity

Activities

com.net.jiubao.merchants.main.ui.activity.StartActivity

com.net.jiubao.merchants.main.ui.activity.MainActivity

com.net.jiubao.merchants.wxapi.WXPayEntryActivity

cn.jpush.android.ui.PushActivity

com.mob.tools.MobUIShell

cn.sharesdk.tencent.qq.ReceiveActivity

Permissions

Receivers

com.netease.nimlib.service.NimReceiver

com.net.jiubao.merchants.base.library.receiver.JPushReceiver

com.net.jiubao.merchants.base.library.receiver.MyJPushMessageReceiver

cn.jpush.android.service.PushReceiver

Services

cn.jpush.android.service.DaemonService

com.blankj.utilcode.util.MessengerUtils$ServerService

cn.jpush.android.service.PushService

Android Permissions

437c0450662b871213d1c6a63923dad8_JaffaCakes118