429c5dd37428c148af889c9faa9e3813_JaffaCakes118

General

Target

429c5dd37428c148af889c9faa9e3813_JaffaCakes118
Size

15.6MB
MD5

429c5dd37428c148af889c9faa9e3813
SHA1

4152f74abffc8bbef026db052ce4128fd10e4b10
SHA256

ac0164aa8d055ae9e4ac30d7e2ea441d858a26e1c6e6f229bb8eb7420834e3d6
SHA512

7d58f5302745ffdf8ce46b995d7addf7b83a35732ea2e10be817a3f94c90fd40af9451e7cdaf387ee271f5f42f6948d295b9bd2fe1331698f0d0dca7f2c5d32c
SSDEEP

393216:P2td5f0Q9Ihkc0d7H6w7PjtPyvl960w6Sce5dv4C:KsgcaLJPot96rK3C

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

429c5dd37428c148af889c9faa9e3813_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

tc.tangcha.book

.TangchaActivity

Activities

.TangchaActivity

android.intent.action.MAIN

.activity.BookShortcutCreatorActivity

android.intent.action.CREATE_SHORTCUT

.activity.ReadingActivity

android.intent.action.MAIN

Permissions

android.permission.VIBRATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE

Receivers

.receiver.TangchaReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
tc.tangcha.book.UPDATE_ACTION

.receiver.AudioBecomingNoisyReceiver

android.media.AUDIO_BECOMING_NOISY

Services
Alipay_msp_online.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

429c5dd37428c148af889c9faa9e3813_JaffaCakes118

Permissions

android.permission.VIBRATE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

tc.tangcha.book

.TangchaActivity

Activities

.TangchaActivity

.activity.BookShortcutCreatorActivity

.activity.ReadingActivity

Permissions

Receivers

.receiver.TangchaReceiver

.receiver.AudioBecomingNoisyReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

429c5dd37428c148af889c9faa9e3813_JaffaCakes118