66757a09f84227a99bfa431038d7af22_JaffaCakes118

General

Target

66757a09f84227a99bfa431038d7af22_JaffaCakes118
Size

30.6MB
MD5

66757a09f84227a99bfa431038d7af22
SHA1

ee503c1c80fb33d3291e7967a41ba1b63530b127
SHA256

2a4e47ae7a56820f48e7e850ffb97d903dccc85f2147173193f331c3cd5d08f3
SHA512

009e39530733fbe2c215cda4290f2888c0608a1248b5198804f1f914890a2bc9e63282da5aa1904504e97e56919ebb75b4d7c5108d0d5f7739e3b688060385ef
SSDEEP

786432:B84Y5zEeOrRzuQIVf3B0z9rHFn3+YypD0h+tUL:e4YtBOrRtmMrHB+JpIw4

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

66757a09f84227a99bfa431038d7af22_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:x86 arch:x64

mobi.infolife.ezweather.widget.weather.location.app.pro

mobi.info.ezweather.mahawidget.activity.WeatherMainActivity

Activities

mobi.info.ezweather.mahawidget.activity.WeatherMainActivity

android.intent.action.MAIN
com.amber.lib.locker.start.main
com.amber.lib.widget.click.rootview
com.amber.lib.basewidget.notification.start.main
com.amber.lib.newspush.start.main

com.amber.lib.basewidget.otheractivity.settings.SettingsActivity

com.amber.lib.locker.start.setting

com.amber.lib.widget.store.ui.store.AmberWidgetStoreActivity

com.amber.lib.widget.start.store

com.amber.lib.store.activity.WidgetStoreActivity

com.amber.lib.widget.start.store

com.amber.lib.widget.AddWidgetSuccessActivity

android.appwidget.action.APPWIDGET_CONFIGURE

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WAKE_LOCK
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SET_WALLPAPER
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE

Receivers

com.amber.lib.basewidget.pop.receiver.NotificationEventReceiver

notification.action.weather_condition_click
notification.action.weather_condition_cancel
notification.action.temp_change_push_click
notification.action.aqi_click
notification.action.aqi_cancel

com.amber.lib.basewidget.lwp.receiver.PackageReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.MY_PACKAGE_REPLACED

com.amber.lib.store.receiver.ApplyStoreWidgetReceiver

store.apply.widget

com.amber.lib.widget.WidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
android.appwidget.action.APPWIDGET_DELETED
android.appwidget.action.APPWIDGET_UPDATE_OPTIONS
android.appwidget.action.APPWIDGET_DISABLED
android.appwidget.action.APPWIDGET_RESTORED

com.amber.lib.widget.render.WidgetActionReceiver

widget.action.apply_for_amber
widget.action.download_amber
widget.action.more_skin

com.amber.lib.applive.assist.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

com.amber.lib.applive.assist.receiver.OtherReceiver

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.TIME_TICK

com.amber.lib.appuser.ReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.amber.lib.weatherdata.core.SDKSyncBroadcastReceiver

com.amber.lib.weatherdata.sync.Data
com.amber.lib.weatherdata.sync.WeatherUnit
com.amber.lib.weatherdata.sync.SDKConfig

com.amber.lib.weatherdata.core.SDKInstallBroadcastReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

com.facebook.sdk.ACTION_CURRENT_ACCESS_TOKEN_CHANGED

Services

com.amber.lib.applive.assist.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

66757a09f84227a99bfa431038d7af22_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.WAKE_LOCK

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SET_WALLPAPER

android.permission.RECEIVE_BOOT_COMPLETED

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.google.android.c2dm.permission.RECEIVE

Sharing

General

Malware Config

Signatures

Files

mobi.infolife.ezweather.widget.weather.location.app.pro

mobi.info.ezweather.mahawidget.activity.WeatherMainActivity

Activities

mobi.info.ezweather.mahawidget.activity.WeatherMainActivity

com.amber.lib.basewidget.otheractivity.settings.SettingsActivity

com.amber.lib.widget.store.ui.store.AmberWidgetStoreActivity

com.amber.lib.store.activity.WidgetStoreActivity

com.amber.lib.widget.AddWidgetSuccessActivity

Permissions

Receivers

com.amber.lib.basewidget.pop.receiver.NotificationEventReceiver

com.amber.lib.basewidget.lwp.receiver.PackageReceiver

com.amber.lib.store.receiver.ApplyStoreWidgetReceiver

com.amber.lib.widget.WidgetProvider

com.amber.lib.widget.render.WidgetActionReceiver

com.amber.lib.applive.assist.BootCompletedReceiver

com.amber.lib.applive.assist.receiver.OtherReceiver

com.amber.lib.appuser.ReferrerReceiver

com.amber.lib.weatherdata.core.SDKSyncBroadcastReceiver

com.amber.lib.weatherdata.core.SDKInstallBroadcastReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.facebook.CurrentAccessTokenExpirationBroadcastReceiver

Services

com.amber.lib.applive.assist.gcm.PlatformGcmService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

66757a09f84227a99bfa431038d7af22_JaffaCakes118