5f378d502a32ec33363318a366847ad3_JaffaCakes118

General

Target

5f378d502a32ec33363318a366847ad3_JaffaCakes118
Size

3.5MB
MD5

5f378d502a32ec33363318a366847ad3
SHA1

caf22040498552d2c0e74c19bdca63d6e4fd9954
SHA256

73cdf6583d5d8223a074c20180936d7b192eb5b0777a07a9ef8039741936cf22
SHA512

d88f50d19c783d99e79f78c7ac8d959ddf8e8698e7410684e110e2ddeed21331d09248885e766f3dc84685d3bc20bb6d7b29b5b2e1091a9c86b0711d3f1c8bc7
SSDEEP

98304:97IdbtPWntwTKq7OElIDdUqgjBTbqUXQvISF:97I/et6lIDHCtugs

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

5f378d502a32ec33363318a366847ad3_JaffaCakes118
.apk android arch:arm arch:x86

lf.example.wubi

lf.ad.splash.adSplashActivity

Activities

lf.ad.splash.adSplashActivity

android.intent.action.MAIN

com.baidu.xshield.XshieldActivity

com.baidu.action.Xshield.VIEW

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.DISABLE_KEYGUARD
android.permission.CHANGE_WIFI_STATE
android.permission.RECORD_AUDIO
android.permission.CAMERA
android.permission.ACCESS_FINE_LOCATION
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.BROADCAST_STICKY
android.permission.READ_EXTERNAL_STORAGE
android.permission.BLUETOOTH
android.permission.READ_SETTINGS
android.permission.GET_TASKS
android.permission.READ_LOGS

Receivers

com.baidu.xshield.XshieldReceiver

com.baidu.action.Xshield.VIEW
android.intent.action.BOOT_COMPLETED

Services

com.baidu.xshield.XshieldService

com.baidu.action.Xshield.VIEW
gdtadv2.jar
.apk android

Android Permissions

5f378d502a32ec33363318a366847ad3_JaffaCakes118

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.DISABLE_KEYGUARD

android.permission.CHANGE_WIFI_STATE

android.permission.RECORD_AUDIO

android.permission.CAMERA

android.permission.ACCESS_FINE_LOCATION

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.BROADCAST_STICKY

android.permission.READ_EXTERNAL_STORAGE

android.permission.BLUETOOTH

android.permission.READ_SETTINGS

android.permission.GET_TASKS

android.permission.READ_LOGS

Sharing

General

Malware Config

Signatures

Files

lf.example.wubi

lf.ad.splash.adSplashActivity

Activities

lf.ad.splash.adSplashActivity

com.baidu.xshield.XshieldActivity

Permissions

Receivers

com.baidu.xshield.XshieldReceiver

Services

com.baidu.xshield.XshieldService

Android Permissions

5f378d502a32ec33363318a366847ad3_JaffaCakes118