409a8051dfe0a43514de7e5e7123542e_JaffaCakes118

General

Target

409a8051dfe0a43514de7e5e7123542e_JaffaCakes118
Size

31.8MB
MD5

409a8051dfe0a43514de7e5e7123542e
SHA1

6fd3541567cb4643507956b7fdcdac74faf90ac2
SHA256

bc35b13d6eb5d6df06f0ed0979b665df0ec67a3561a5f2fec6d4284e54b116ab
SHA512

f04c6bb916bede197e73612f85dc1410eaa0f4e2d632db4fca7150ce895a509ffab496094463a1da4e6ebbf358ff78bba12486af76f2c8e9671b25a9eb73a0c2
SSDEEP

786432:25DJlCaBYZ/4BPk4MEiitCDj+XUazxGP13M/EfMWkyLbKvXEa23fYdh:25DvXYGBPkPEiitYihGd3M/EfMWTbKPf

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

409a8051dfe0a43514de7e5e7123542e_JaffaCakes118
.apk android arch:arm

com.h8games.helixjump

com.aiming.mdt.VdAd

Activities

com.aiming.mdt.VdAd

android.intent.action.MAIN

com.h8games.helixjump.UnityPlayerActivity

android.intent.action.VIEW

com.unity.purchasing.googleplay.VRPurchaseActivity

com.google.vr.vrcore.ACTION_NONE

io.presage.mraid.browser.ShortcutActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.WAKE_LOCK
com.android.vending.BILLING
com.android.alarm.permission.SET_ALARM
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.VIBRATE

Receivers

com.tenjin.android.TenjinReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.vungle.warren.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

com.fyber.inneractive.sdk.mraid.IAMraidKit

com.fyber.inneractive.sdk.intent.action.REGISTER_KIT

com.fyber.inneractive.sdk.nativead.IANativeKit

com.fyber.inneractive.sdk.intent.action.REGISTER_KIT

com.fyber.inneractive.sdk.video.IAVideoKit

com.fyber.inneractive.sdk.intent.action.REGISTER_KIT

com.tapjoy.InstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

Services

Android Permissions

409a8051dfe0a43514de7e5e7123542e_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.WAKE_LOCK

com.android.vending.BILLING

com.android.alarm.permission.SET_ALARM

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.VIBRATE

Sharing

General

Malware Config

Signatures

Files

com.h8games.helixjump

com.aiming.mdt.VdAd

Activities

com.aiming.mdt.VdAd

com.h8games.helixjump.UnityPlayerActivity

com.unity.purchasing.googleplay.VRPurchaseActivity

io.presage.mraid.browser.ShortcutActivity

Permissions

Receivers

com.tenjin.android.TenjinReferrerReceiver

com.vungle.warren.NetworkStateReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.fyber.inneractive.sdk.mraid.IAMraidKit

com.fyber.inneractive.sdk.nativead.IANativeKit

com.fyber.inneractive.sdk.video.IAVideoKit

com.tapjoy.InstallReferrerReceiver

Services

Android Permissions

409a8051dfe0a43514de7e5e7123542e_JaffaCakes118