61357d54d21cb90e6fa70dc2962c532b_JaffaCakes118

General

Target

61357d54d21cb90e6fa70dc2962c532b_JaffaCakes118
Size

7.3MB
MD5

61357d54d21cb90e6fa70dc2962c532b
SHA1

264303e22b8fb1c6e33f2a8deb3af4a110af39b7
SHA256

f570555f8b0761c947ac4d76e2f57ab6f9508a27ee72fc699107f9b9eaa26d6a
SHA512

599aef3480d6c47544c7949e64ea0fdfbefa97761dec3e96babcc504a7948d8605f6d71b8103a6d800d8f3f9aeff9f4ae70fedb6551986fd5258ed94ec42f130
SSDEEP

196608:31zeARHQ7+8Ei5OmQYkGl8WYfVyUmO0ISB1El+K:lzeE8DQRWY0q0I2y5

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

61357d54d21cb90e6fa70dc2962c532b_JaffaCakes118
.apk android arch:arm

com.xiongmao.notes

it.feio.android.omninotes.StartActivity

Activities

it.feio.android.omninotes.StartActivity

android.intent.action.MAIN

it.feio.android.omninotes.MainActivity

android.intent.action.SEARCH
com.google.android.gm.action.AUTO_SEND
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW

it.feio.android.omninotes.ShortcutActivity

android.intent.action.CREATE_SHORTCUT

it.feio.android.omninotes.widget.WidgetConfigurationActivity

android.appwidget.action.APPWIDGET_CONFIGURE

Permissions

android.permission.INTERNET
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECORD_AUDIO
android.permission.READ_EXTERNAL_STORAGE
com.android.alarm.permission.SET_ALARM
com.google.android.apps.photos.permission.GOOGLE_PHOTOS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.MANAGE_DOCUMENTS
com.pushbullet.android.permission.READ_MESSAGING_EXTENSION_DATA
com.pushbullet.android.permission.SEND_MESSAGES
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.gms.permission.ACTIVITY_RECOGNITION
android.permission.WAKE_LOCK

Receivers

it.feio.android.omninotes.receiver.BootCompleteReceiver

android.intent.action.BOOT_COMPLETED

it.feio.android.omninotes.widget.SimpleWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

it.feio.android.omninotes.widget.ListWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

Services

it.feio.android.omninotes.services.NotificationListener

android.service.notification.NotificationListenerService

it.feio.android.omninotes.extensions.ONDashClockExtension

com.google.android.apps.dashclock.Extension

it.feio.android.omninotes.extensions.PushBulletExtension

com.pushbullet.android.extension.MessagingExtension

Android Permissions

61357d54d21cb90e6fa70dc2962c532b_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.READ_EXTERNAL_STORAGE

com.android.alarm.permission.SET_ALARM

com.google.android.apps.photos.permission.GOOGLE_PHOTOS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.MANAGE_DOCUMENTS

com.pushbullet.android.permission.READ_MESSAGING_EXTENSION_DATA

com.pushbullet.android.permission.SEND_MESSAGES

com.google.android.providers.gsf.permission.READ_GSERVICES

com.google.android.gms.permission.ACTIVITY_RECOGNITION

android.permission.WAKE_LOCK

Sharing

General

Malware Config

Signatures

Files

com.xiongmao.notes

it.feio.android.omninotes.StartActivity

Activities

it.feio.android.omninotes.StartActivity

it.feio.android.omninotes.MainActivity

it.feio.android.omninotes.ShortcutActivity

it.feio.android.omninotes.widget.WidgetConfigurationActivity

Permissions

Receivers

it.feio.android.omninotes.receiver.BootCompleteReceiver

it.feio.android.omninotes.widget.SimpleWidgetProvider

it.feio.android.omninotes.widget.ListWidgetProvider

Services

it.feio.android.omninotes.services.NotificationListener

it.feio.android.omninotes.extensions.ONDashClockExtension

it.feio.android.omninotes.extensions.PushBulletExtension

Android Permissions

61357d54d21cb90e6fa70dc2962c532b_JaffaCakes118