5c2756176057188f2c86f42d673908b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c2756176057188f2c86f42d673908b5_JaffaCakes118
Size

7.5MB
MD5

5c2756176057188f2c86f42d673908b5
SHA1

38130cd842528c30c84fca583b7ca7811f7d9448
SHA256

fe74387f448c46fc5854c5e86417f8f01abb17002709f239c7cc1a0b8e859686
SHA512

0083282f3c3b75c22e61974b06ea13b0a827d98ae9828f485148faab9c37c289a5c937feff6c5bb213ecb4f5486f14041775e3546dd172397495c9b78117461f
SSDEEP

196608:JjslEqRX6EBmlqI6F308r8Tf9vbRWBsc+Sk2HO:JjsaqRqhraEnfhRTc6N

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

5c2756176057188f2c86f42d673908b5_JaffaCakes118
.apk android arch:arm

com.lovetv.lxlive

com.lovetv.ui.LiveUI

Activities

com.lovetv.ui.LiveUI

android.intent.action.MAIN

Permissions

android.permission.GET_TASKS
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_COARSE_UPDATES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.VIBRATE
android.permission.READ_LOGS
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_SETTINGS

Services
LiveHelper.jar
.apk android
ad_adview.jar
.apk android
gdtadv2.jar
.apk android
parser.jar
.apk android
plugin.jar
.apk android

Android Permissions

5c2756176057188f2c86f42d673908b5_JaffaCakes118

Permissions

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_COARSE_UPDATES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.VIBRATE

android.permission.READ_LOGS

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.lovetv.lxlive

com.lovetv.ui.LiveUI

Activities

com.lovetv.ui.LiveUI

Permissions

Services

Android Permissions

5c2756176057188f2c86f42d673908b5_JaffaCakes118