503d51c4ee816c43168a4ca15212c164_JaffaCakes118

General

Target

503d51c4ee816c43168a4ca15212c164_JaffaCakes118
Size

11.0MB
MD5

503d51c4ee816c43168a4ca15212c164
SHA1

c155ab8e82bc5687a7498405cf0f269a718b9fea
SHA256

e7cbc970ec865cbff06b0c7ca5f24ca127489be2e17b1383904299c5e96a8151
SHA512

358e7087885921b8a8c28fd2b5b2acc3af9c4273c2ae5c82b11eca3af2f0a27337e9d367a92b6669ad58e1d8579a645025a2a19b8cc464bceac0f1fdfda789e9
SSDEEP

196608:hlOn+TTChMiXL+C4qj024CiDayXYIluM94rt9cGOLT4J:Gn+TTgdXiCTQpCZyXY04LcGkTS

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

503d51c4ee816c43168a4ca15212c164_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

com.mhealth37.BloodPressure

com.mhealth37.butler.bloodpressure.activity.LogoActivity

Activities

com.mhealth37.butler.bloodpressure.activity.LogoActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.mhealth37.butler.bloodpressure.alarm.HandleSetAlarm

android.intent.action.SET_ALARM

com.hanyou.leyusdk.HelloWebView

com.hanyou.leyusdk.HelloWebView

Permissions

android.webkit.permission.PLUGIN
android.permission.CHANGE_NETWORK_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CAMERA
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.GET_TASKS
com.mhealth37.BloodPressure.permission.MIPUSH_RECEIVE

Receivers

com.mhealth37.butler.bloodpressure.service.MessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.mhealth37.butler.bloodpressure.alarm.AlarmReceiver

com.mhealth37.BloodPressure.ALARM_ALERT
alarm_killed
cancel_snooze

com.mhealth37.butler.bloodpressure.alarm.AlarmInitReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED
android.intent.action.LOCALE_CHANGED

com.mhealth37.butler.bloodpressure.service.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.media.RINGER_MODE_CHANGED

Services

com.mhealth37.butler.bloodpressure.alarm.AlarmKlaxon

com.mhealth37.BloodPressure.ALARM_ALERT

Android Permissions

503d51c4ee816c43168a4ca15212c164_JaffaCakes118

Permissions

android.webkit.permission.PLUGIN

android.permission.CHANGE_NETWORK_STATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_MOCK_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CAMERA

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.GET_TASKS

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.GET_TASKS

com.mhealth37.BloodPressure.permission.MIPUSH_RECEIVE

Sharing

General

Malware Config

Signatures

Files

com.mhealth37.BloodPressure

com.mhealth37.butler.bloodpressure.activity.LogoActivity

Activities

com.mhealth37.butler.bloodpressure.activity.LogoActivity

com.tencent.tauth.AuthActivity

com.mhealth37.butler.bloodpressure.alarm.HandleSetAlarm

com.hanyou.leyusdk.HelloWebView

Permissions

Receivers

com.mhealth37.butler.bloodpressure.service.MessageReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.mhealth37.butler.bloodpressure.alarm.AlarmReceiver

com.mhealth37.butler.bloodpressure.alarm.AlarmInitReceiver

com.mhealth37.butler.bloodpressure.service.BootReceiver

Services

com.mhealth37.butler.bloodpressure.alarm.AlarmKlaxon

Android Permissions

503d51c4ee816c43168a4ca15212c164_JaffaCakes118