3d608eaf4de1958a255569d4397eb99f_JaffaCakes118

General

Target

3d608eaf4de1958a255569d4397eb99f_JaffaCakes118
Size

7.5MB
MD5

3d608eaf4de1958a255569d4397eb99f
SHA1

ef702fd9d8327c9b7f2bc6875b46f1c3e92b09a6
SHA256

8d6f4cbfe1fd16fea693e35060e6aaa37e0a815ec2bb522fb599dec52dd11448
SHA512

fb3ea7ba3f0cc952410ab80640aab902ee92a616df2c55eb3c35b4240bf9e5ec6253963207084f593f30902a1a91ce21f773525fd391cf6c94eda2835154a0f1
SSDEEP

196608:DOoCao/uGjW2aWgrBgLnzBc1Z2vuKqzvUSTfIbfY:SjX/LgrBWG2vuKM9rIfY

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 13 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to access data from sensors that the user uses to measure what is happening inside their body, such as heart rate.	android.permission.BODY_SENSORS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

3d608eaf4de1958a255569d4397eb99f_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86

com.lssmd.time

zql.app_jinnang.me.SplashActivity

Activities

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

zql.app_jinnang.me.SplashActivity

android.intent.action.MAIN

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CAMERA
com.huanxicai.kaijiangyc.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_SMS
android.permission.BODY_SENSORS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.RECEIVE_BOOT_COMPLETED
com.lssmd.time.permission.JPUSH_MESSAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE

Receivers

com.simplepeng.updaterlibrary.DownloadReceiver

android.intent.action.DOWNLOAD_COMPLETE

zql.app_jinnang.me.broadcast.AppInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.avos.avoscloud.AVBroadcastReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE

Services

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

Android Permissions

3d608eaf4de1958a255569d4397eb99f_JaffaCakes118

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CAMERA

com.huanxicai.kaijiangyc.permission.JPUSH_MESSAGE

android.permission.RECEIVE_USER_PRESENT

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_SMS

android.permission.BODY_SENSORS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.RECEIVE_BOOT_COMPLETED

com.lssmd.time.permission.JPUSH_MESSAGE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_NETWORK_STATE

Sharing

General

Malware Config

Signatures

Files

com.lssmd.time

zql.app_jinnang.me.SplashActivity

Activities

cn.jpush.android.ui.PushActivity

zql.app_jinnang.me.SplashActivity

Permissions

Receivers

com.simplepeng.updaterlibrary.DownloadReceiver

zql.app_jinnang.me.broadcast.AppInstallReceiver

cn.jpush.android.service.PushReceiver

com.avos.avoscloud.AVBroadcastReceiver

Services

cn.jpush.android.service.PushService

cn.jpush.android.service.DaemonService

Android Permissions

3d608eaf4de1958a255569d4397eb99f_JaffaCakes118