4a846be7acb92e6c7541b56910b8e769_JaffaCakes118

General

Target

4a846be7acb92e6c7541b56910b8e769_JaffaCakes118
Size

13.1MB
MD5

4a846be7acb92e6c7541b56910b8e769
SHA1

86867cfed8a71cd2087a80c632e5a7796aac8719
SHA256

0d2d7cb76dcf643fa8542d1c49382399f621804754328d8327f35eb4c4cea2ed
SHA512

f5f4ca2bb3705af7ccbc2d422b5b9169124b0f62e6321a1feafd3e7f2156d02d01049d07c624a9d9ec8df2ea2c4f1fc1c55b1d0b0b51700109f2387dcb3680d3
SSDEEP

393216:UduwIDoaxopHClaTHHTC5VRM60ntNla4/7yenZtGz:9oaKMaTn2RR8tNla4j3ZK

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

4a846be7acb92e6c7541b56910b8e769_JaffaCakes118
.apk android arch:arm

com.ezjoynetwork.icecrushchina.qihu

.GameApp

Activities

.GameApp

android.intent.action.MAIN

mm.purchasesdk.iapservice.BillingLayoutActivity

com.ezjoynetwork.icecrushchina.qihu.com.mmiap.activity

safiap.framework.ui.UpdateHintActivity

safiap.framework.ACTION_TO_INSTALL
safiap.framework.ACTION_TO_INSTALL_IAP
safiap.framework.ACTION_NETWORK_ERROR_IAP
safiap.framework.ACTION_NETWORK_ERROR_FRAMEWORK

cn.cmgame.billing.api.GameOpenActivity

android.intent.action.CHINAMOBILE_OMS_GAME

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SMS
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.GET_TASKS
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECEIVE_SMS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.RESTART_PACKAGES
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE

Receivers

safiap.framework.CheckUpdateReceiver

safiap.framework.ACTION_CANCEL_NOTIFICATION
safiap.GET_SHARED_DATA
safiap.framework.ACTION_SET_TIMER

cn.play.dserv.DsReceiver

cn.play.dservice
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.ezjoynetwork.service.BootCompleteReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON

com.qihoo.psdk.local.QBootReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

Services

mm.purchasesdk.iapservice.PurchaseService

com.ezjoynetwork.icecrushchina.qihu.purchaseservice.BIND

safiap.framework.SafFrameworkManager

safiap.framework.sdk.ISAFFramework
safiap.framework.ACTION_START_DOWNLOAD
safiap.framework.ACTION_CHECK_UPDATE

com.unicom.wostore.unipay.paysecurity.SecurityServiceFramework

com.ezjoynetwork.icecrushchina.qihu.unicom.wostore.unipay.securityserviceframework

com.qihoo.psdk.remote.QRemoteService

com.qihoo.psdk.service.action.remote

com.qihoo.psdk.local.QLocalService

com.qihoo.psdk.service.action.local
unicom_resource.dat
.apk android

com.unicom.resourcepro

Android Permissions

4a846be7acb92e6c7541b56910b8e769_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.SEND_SMS

android.permission.READ_CONTACTS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.DISABLE_KEYGUARD

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SMS

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.GET_TASKS

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_SMS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.RESTART_PACKAGES

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.VIBRATE

Sharing

General

Malware Config

Signatures

Files

com.ezjoynetwork.icecrushchina.qihu

.GameApp

Activities

.GameApp

mm.purchasesdk.iapservice.BillingLayoutActivity

safiap.framework.ui.UpdateHintActivity

cn.cmgame.billing.api.GameOpenActivity

Permissions

Receivers

safiap.framework.CheckUpdateReceiver

cn.play.dserv.DsReceiver

com.ezjoynetwork.service.BootCompleteReceiver

com.qihoo.psdk.local.QBootReceiver

Services

mm.purchasesdk.iapservice.PurchaseService

safiap.framework.SafFrameworkManager

com.unicom.wostore.unipay.paysecurity.SecurityServiceFramework

com.qihoo.psdk.remote.QRemoteService

com.qihoo.psdk.local.QLocalService

com.unicom.resourcepro

Android Permissions

4a846be7acb92e6c7541b56910b8e769_JaffaCakes118