408c41b21a68ffd9d4a95f913e27bf99_JaffaCakes118

General

Target

408c41b21a68ffd9d4a95f913e27bf99_JaffaCakes118
Size

20.9MB
MD5

408c41b21a68ffd9d4a95f913e27bf99
SHA1

43f893e0aa25c20677dbc36fdfc3d8a1e902c83b
SHA256

7ce4c57f75d00636c092f553dda734e45cbdfc6229459e7d42cbe87fb341aca5
SHA512

baffc31be7b117fd1b74890dfa4df9979982e971200da7f62ca8b94b39a889ccd996de53b492c7b23f9f9b4da407a89bec112ac0da5798a48cd486e79d3aa165
SSDEEP

393216:qPso1idhhX0uWJvnuOv2XWYhPn63qjE2PTUg+UzqU279YqxL8ICIoXyYnfTIIunH:qPN1ycuWFu+2P0qA2PJ+1U2xDxxgyYfI

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

408c41b21a68ffd9d4a95f913e27bf99_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.yulin520.client

com.yulin520.client.activity.WelcomeActivity

Activities

com.yulin520.client.activity.WelcomeActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.CAMERA
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.INTERNET
android.permission.RECORD_AUDIO
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_FINE_LOCATION
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
com.google.android.c2dm.permission.RECEIVE
android.permission.READ_LOGS
android.permission.EXPAND_STATUS_BAR
android.permission.GET_TASKS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_PHONE_STATE

Receivers

com.yulin520.client.receiver.MessageBroadcastReceiver

action_notification

com.yulin520.client.receiver.InviteBroadcastReceiver

action_contact

com.yulin520.client.receiver.NoticeBroadcastReceiver

action_notice

com.easemob.chat.StartServiceReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.easemob.chat.EMGCMBroadcastReceiver

com.google.android.c2dm.intent.RECEIVE

com.easemob.chatuidemo.receiver.GCMPushBroadCast

com.easemob.sdk.push

com.easemob.chat.EMMonitorReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

com.yulin520.client.receiver.MyPushMessageReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK
android.intent.action.MEDIA_MOUNTED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

Services

com.baidu.android.pushservice.PushService

com.baidu.android.pushservice.action.PUSH_SERVICE

Android Permissions

408c41b21a68ffd9d4a95f913e27bf99_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.GET_TASKS

android.permission.CAMERA

android.permission.RESTART_PACKAGES

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.INTERNET

android.permission.RECORD_AUDIO

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_FINE_LOCATION

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

com.google.android.c2dm.permission.RECEIVE

android.permission.READ_LOGS

android.permission.EXPAND_STATUS_BAR

android.permission.GET_TASKS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

com.yulin520.client

com.yulin520.client.activity.WelcomeActivity

Activities

com.yulin520.client.activity.WelcomeActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.yulin520.client.receiver.MessageBroadcastReceiver

com.yulin520.client.receiver.InviteBroadcastReceiver

com.yulin520.client.receiver.NoticeBroadcastReceiver

com.easemob.chat.StartServiceReceiver

com.easemob.chat.EMGCMBroadcastReceiver

com.easemob.chatuidemo.receiver.GCMPushBroadCast

com.easemob.chat.EMMonitorReceiver

com.yulin520.client.receiver.MyPushMessageReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

Services

com.baidu.android.pushservice.PushService

Android Permissions

408c41b21a68ffd9d4a95f913e27bf99_JaffaCakes118