630bb93f05905fe7fe63cd1625956bf2_JaffaCakes118

General

Target

630bb93f05905fe7fe63cd1625956bf2_JaffaCakes118
Size

20.0MB
MD5

630bb93f05905fe7fe63cd1625956bf2
SHA1

36bcfda7ca4b7a9fb684c4f17091735244200aa2
SHA256

1e68d2b6bb32ab1ecf7098e39aa5bf13f3fcd588f351878d35c51a85251ce73b
SHA512

db435662612f8e7ab205168ba82f3e5f2559370819ce62d9eda655f674067eb6605f5de357e41e35eec871ba46f3f1dadbad99f42e9c7331bfff77613a05e0b6
SSDEEP

393216:yf0Lrzoh+c5QhuOJqDD5jqs0NhkuxPPfBrUh872I+BEcRV9yEwWhPEj:Fsh+c6uOJuByzj1nBrUhI2pB/V9yEwWQ

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 16 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

630bb93f05905fe7fe63cd1625956bf2_JaffaCakes118
.apk android arch:arm

com.tahui.qjz

com.yj.zhuanqianbang.ui.activity.PermissionCheckActivity

Activities

com.yj.zhuanqianbang.ui.activity.PermissionCheckActivity

android.intent.action.MAIN

com.yj.zhuanqianbang.ui.activity.WeexActivity

android.intent.action.VIEW
com.alibaba.weex.protocol.openurl

cn.sharesdk.tencent.qq.ReceiveActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.REORDER_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WAKE_LOCK
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.PACKAGE_USAGE_STATS
android.permission.BLUETOOTH
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_UPDATES
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_LOGS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.RECEIVE_USER_PRESENT
android.Manifest.permission.INSTALL_PACKAGES
com.google.android.c2dm.permission.RECEIVE
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
getui.permission.GetuiService.com.tahui.qjz
android.permission.CAMERA
android.permission.RECORD_AUDIO

Receivers

xcs.ert.jlj.CEW

android.intent.action.PACKAGE_ADDED

com.mx.lib.task.BroadcastManager

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.ACTION_USER_PRESENT
android.intent.action.ACTION_PACKAGE_REMOVED
com.mx.send
android.net.wifi.STATE_CHANGE
android.net.conn.CONNECTIVITY_CHANGE

com.mdad.sdk.mduisdk.CompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE
android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.ticlock.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

com.ticlock.PackageInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.ticlock.AddJobCreatorReceiver

com.ticlock.com.evernote.android.job.ADD_JOB_CREATOR

com.ticlock.com.evernote.android.job.v14.PlatformAlarmReceiver

com.ticlock.com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.ticlock.com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

com.ticlock.com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY
bdxadsdk.jar
.apk android
demo3.jar
.apk android arch:arm

com.wx

com.tencent.xz.view.ShareActivity

Activities

com.tencent.xz.view.ShareActivity

android.intent.action.MAIN
com.wx

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.READ_LOGS
android.permission.CALL_PHONE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
gdtadv2.jar
.apk android arch:arm arch:arm64

Android Permissions

630bb93f05905fe7fe63cd1625956bf2_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.REORDER_TASKS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.WAKE_LOCK

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.PACKAGE_USAGE_STATS

android.permission.BLUETOOTH

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.GET_TASKS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_UPDATES

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.READ_LOGS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.RECEIVE_USER_PRESENT

android.Manifest.permission.INSTALL_PACKAGES

com.google.android.c2dm.permission.RECEIVE

android.permission.ACCESS_NOTIFICATION_POLICY

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

getui.permission.GetuiService.com.tahui.qjz

android.permission.CAMERA

android.permission.RECORD_AUDIO

Sharing

General

Malware Config

Signatures

Files

com.tahui.qjz

com.yj.zhuanqianbang.ui.activity.PermissionCheckActivity

Activities

com.yj.zhuanqianbang.ui.activity.PermissionCheckActivity

com.yj.zhuanqianbang.ui.activity.WeexActivity

cn.sharesdk.tencent.qq.ReceiveActivity

Permissions

Receivers

xcs.ert.jlj.CEW

com.mx.lib.task.BroadcastManager

com.mdad.sdk.mduisdk.CompleteReceiver

com.igexin.sdk.PushReceiver

com.ticlock.BootUpReceiver

com.ticlock.PackageInstallReceiver

com.ticlock.AddJobCreatorReceiver

com.ticlock.com.evernote.android.job.v14.PlatformAlarmReceiver

com.ticlock.com.evernote.android.job.JobBootReceiver

Services

com.igexin.sdk.PushService

com.ticlock.com.evernote.android.job.gcm.PlatformGcmService

com.wx

com.tencent.xz.view.ShareActivity

Activities

com.tencent.xz.view.ShareActivity

Permissions

Android Permissions

630bb93f05905fe7fe63cd1625956bf2_JaffaCakes118