49642027e6fa63c9bfa1f67469cd5a98_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49642027e6fa63c9bfa1f67469cd5a98_JaffaCakes118
Size

8.8MB
MD5

49642027e6fa63c9bfa1f67469cd5a98
SHA1

cf993906088cf01089ffb2b2b6d7c50dccedd0cb
SHA256

f02085475810940c4d6b4dc625447eea55988e8166f679cb06f28649ddad9c28
SHA512

e0cde2378641c963011faad0bab2df9de1f25d3f6362129b0d160111cbc6717f0fa15079b3757a05eee8e1900d2fdc093f3e718bf198091d6a8568eec585deb6
SSDEEP

196608:0OVK71clqT83Iazj8MW1g5GOLF9/3t2BH95B2X58BQvYQGqwn:0OVccoA3f8MW1gUOLF9/3t2BH9D22BGY

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 14 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

49642027e6fa63c9bfa1f67469cd5a98_JaffaCakes118
.apk android arch:arm arch:x86

com.zht.zncy

com.sp2p.activity.SplashActivity

Activities

com.sp2p.activity.SplashActivity

android.intent.action.MAIN

com.sp2p.activity.MyfocusedActivity

android.intent.action.PICK

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.VIBRATE
android.permission.CALL_PHONE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_CONTACTS
android.permission.SEND_SMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.CALL_PHONE
android.permission.GET_TASKS

Receivers

com.sp2p.receiver.DownloadComplete

android.intent.action.DOWNLOAD_COMPLETE

Services
ips_p2plugin.apk
.apk android arch:arm arch:x86

com.ips.p2p

.activity.BaseActivity

Activities

Permissions

android.permission.READ_LOGS
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
org.simalliance.openmobileapi.SMARTCARD
android.permission.NFC
UPPayPluginEx.apk
.apk android arch:arm64 arch:arm arch:mips arch:x86

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

android.intent.action.Run
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
org.simalliance.openmobileapi.SMARTCARD
com.tencent.mtt.extension.Player
android.webkit.permission.PLUGIN
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.NFC

Services

com.UCMobile.PayPlugin.PayPluginService

android.webkit.PLUGIN
plugin-deploy.jar
.apk android

Android Permissions

49642027e6fa63c9bfa1f67469cd5a98_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.VIBRATE

android.permission.CALL_PHONE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_CONTACTS

android.permission.SEND_SMS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_COARSE_LOCATION

android.permission.CALL_PHONE

android.permission.GET_TASKS

Sharing

General

Malware Config

Signatures

Files

com.zht.zncy

com.sp2p.activity.SplashActivity

Activities

com.sp2p.activity.SplashActivity

com.sp2p.activity.MyfocusedActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.sp2p.receiver.DownloadComplete

Services

com.ips.p2p

.activity.BaseActivity

Activities

Permissions

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

Permissions

Services

com.UCMobile.PayPlugin.PayPluginService

Android Permissions

49642027e6fa63c9bfa1f67469cd5a98_JaffaCakes118