4faaf0055f146a3fd4c5a3fecd04c43b_JaffaCakes118

General

Target

4faaf0055f146a3fd4c5a3fecd04c43b_JaffaCakes118
Size

22.1MB
MD5

4faaf0055f146a3fd4c5a3fecd04c43b
SHA1

26693cc55a6709c1f0552b11113768b9cde9308a
SHA256

89349bb583e7f1fec57cd1302fb77e9ec511a973ad678f793d817c38b81fa173
SHA512

01b35de39689cbc362314b5b6f447a321ae74d1551c7636ef9af7bc3981ab0110faf69bc2701017a998bb1194540b996b487b352484a3bebf63cb209a4cffddb
SSDEEP

393216:ymxX7Et2Es6vN0aIstbHniT6o6F6NqaM31udvnQSx8c9SvuOt94Vg5Oafd71BUzK:7xX7EtA6vdeY4Ng1Etx8qVgAQt1BU8x

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

4faaf0055f146a3fd4c5a3fecd04c43b_JaffaCakes118
.apk android arch:arm arch:x86

com.gonlan.iplaymtg

com.gonlan.iplaymtg.common.StartActivity

Activities

com.gonlan.iplaymtg.common.StartActivity

android.intent.action.MAIN

com.gonlan.iplaymtg.news.ArticleActivity1

android.intent.action.VIEW

com.gonlan.iplaymtg.common.IntermediateActivity

android.intent.action.VIEW

com.gonlan.iplaymtg.bbs.activity.BBSPostListActivity

android.intent.action.VIEW

com.gonlan.iplaymtg.shop.ShopDetailActivity

android.intent.action.VIEW

com.gonlan.iplaymtg.cardtools.common.DeckActivity

android.intent.action.VIEW

com.mob.tools.MobUIShell

android.intent.action.VIEW
com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

Permissions

android.permission.WAKE_LOCK
android.permission.BLUETOOTH
com.gonlan.iplaymtg.permission.JPUSH_MESSAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.BROADCAST_STICKY
android.permission.CHANGE_WIFI_STATE
android.permission.DISABLE_KEYGUARD
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.MANAGE_ACCOUNTS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.SYSTEM_ALERT_WINDOW
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CAMERA
android.permission.READ_PHONE_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.gonlan.iplaymtg.common.push.JPushReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.UNREGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION

com.gonlan.iplaymtg.tool.NetworkStateReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.gzcpc.conn.CONNECTIVITY_CHANGE

com.gonlan.iplaymtg.news.radio.radio_receiver.MyPhoneStateReceiver

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

Services

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

Android Permissions

4faaf0055f146a3fd4c5a3fecd04c43b_JaffaCakes118

Permissions

android.permission.WAKE_LOCK

android.permission.BLUETOOTH

com.gonlan.iplaymtg.permission.JPUSH_MESSAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.BROADCAST_STICKY

android.permission.CHANGE_WIFI_STATE

android.permission.DISABLE_KEYGUARD

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.GET_TASKS

android.permission.GET_ACCOUNTS

android.permission.INTERNET

android.permission.MANAGE_ACCOUNTS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECEIVE_USER_PRESENT

android.permission.SYSTEM_ALERT_WINDOW

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.CHANGE_NETWORK_STATE

android.permission.MOUNT_FORMAT_FILESYSTEMS

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CAMERA

android.permission.READ_PHONE_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

Sharing

General

Malware Config

Signatures

Files

com.gonlan.iplaymtg

com.gonlan.iplaymtg.common.StartActivity

Activities

com.gonlan.iplaymtg.common.StartActivity

com.gonlan.iplaymtg.news.ArticleActivity1

com.gonlan.iplaymtg.common.IntermediateActivity

com.gonlan.iplaymtg.bbs.activity.BBSPostListActivity

com.gonlan.iplaymtg.shop.ShopDetailActivity

com.gonlan.iplaymtg.cardtools.common.DeckActivity

com.mob.tools.MobUIShell

cn.jpush.android.ui.PushActivity

Permissions

Receivers

cn.jpush.android.service.PushReceiver

com.gonlan.iplaymtg.common.push.JPushReceiver

com.gonlan.iplaymtg.tool.NetworkStateReceiver

com.gonlan.iplaymtg.news.radio.radio_receiver.MyPhoneStateReceiver

Services

cn.jpush.android.service.PushService

cn.jpush.android.service.DaemonService

Android Permissions

4faaf0055f146a3fd4c5a3fecd04c43b_JaffaCakes118