659f8f7a0498c09013193487234f46c5_JaffaCakes118

General

Target

659f8f7a0498c09013193487234f46c5_JaffaCakes118
Size

23.4MB
MD5

659f8f7a0498c09013193487234f46c5
SHA1

4afaf516950db402926edd25e67a8036ab93b5e7
SHA256

20b72af93d1d5212072daf7cbcb2c40426de4f91206a2a828713dcaf2ca37bdd
SHA512

11a14d942d3a7ce3a78d50efa207255e7bde50f7713ee4eebf27b2e80f6be80f33ae5f520b84fb0ae206a72f38bac0abcec8f22de7be4674bc4143d631bcaa3b
SSDEEP

393216:vitdOIqNXNYfKqxQYFysQRrOjXqGD+eaSizw90VV/krGFKYfi4i8BQPSQUF9wCY:UXjL/IRiaGD6VzwmV5yGFKYK4ipkZY

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 11 IoCs

Processes:

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

659f8f7a0498c09013193487234f46c5_JaffaCakes118
.apk android arch:arm

com.baidu.baidutranslate

.activity.MainActivity

Activities

.activity.MainActivity

android.intent.action.VIEW
android.intent.action.MAIN
com.baidu.baidutranslate.action.TranslateAction
android.intent.action.VIEW

.activity.ConversationActivity

android.intent.action.VIEW

.activity.PictureTranslateActivity

android.intent.action.VIEW

.activity.QuickSearchActivity

android.intent.action.VIEW

.activity.SentenceActivity

android.intent.action.VIEW

.activity.IOCFragmentActivity

android.intent.action.VIEW

com.unionpay.uppay.PayActivity

android.intent.action.Run

com.baidu.cloudsdk.social.share.handler.QQFriendShareReceiverActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.BLUETOOTH
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.INTERNET
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.USE_CREDENTIALS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.hardware.sensor.accelerometer
com.baidu.permission.SHARE

Receivers

com.baidu.sapi2.share.ShareReceiver

baidu.intent.action.SHARE_V6

Services

.aidl.TranslateService

com.baidu.baidutranslate.action.AidlTranslateAction

com.baidu.sapi2.share.ShareService

baidu.intent.action.account.SHARE_SERVICE
__pasys_remote_banner.jar
.apk android

Android Permissions

659f8f7a0498c09013193487234f46c5_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.BLUETOOTH

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.INTERNET

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECORD_AUDIO

android.permission.RECEIVE_SMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.USE_CREDENTIALS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.hardware.sensor.accelerometer

com.baidu.permission.SHARE

Sharing

General

Malware Config

Signatures

Files

com.baidu.baidutranslate

.activity.MainActivity

Activities

.activity.MainActivity

.activity.ConversationActivity

.activity.PictureTranslateActivity

.activity.QuickSearchActivity

.activity.SentenceActivity

.activity.IOCFragmentActivity

com.unionpay.uppay.PayActivity

com.baidu.cloudsdk.social.share.handler.QQFriendShareReceiverActivity

Permissions

Receivers

com.baidu.sapi2.share.ShareReceiver

Services

.aidl.TranslateService

com.baidu.sapi2.share.ShareService

Android Permissions

659f8f7a0498c09013193487234f46c5_JaffaCakes118