679ca256a909c1fd7018f093a97eec0d_JaffaCakes118

General

Target

679ca256a909c1fd7018f093a97eec0d_JaffaCakes118
Size

8.9MB
MD5

679ca256a909c1fd7018f093a97eec0d
SHA1

effe6a98a2653ee35770247af2fdfe4e75c61e81
SHA256

018efbf2ed6517ddf37129c611500c72c61b604b0924e9d53cf4b35d8298db6e
SHA512

5b0742a81c6ef3731be462bd415f38e15c2848a61b9134f1538a286d10fafa273dfdab2c9774a1ad7710ce669cc9324d0f68628c1ad4a03d4f9cb853a2ccf996
SSDEEP

196608:kC7DOEYdNW24mghAxoYzLvLZRaBH5MwGbu2tO9AX4PP6H:kyJwNB8AxoYzLvL7aB6wGaqOpP6

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

Processes:

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

679ca256a909c1fd7018f093a97eec0d_JaffaCakes118
.apk android arch:arm

com.crting.bloomytown

com.crting.sanlitun.sanLiTunActivity

Activities

com.crting.sanlitun.sanLiTunActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.SET_WALLPAPER
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

Receivers

com.crting.sanlitun.utility.bloomyTownReceiver

com.crting.sanlitun.sanLiTunActivity

com.mobile.app.utils.GESoftInspector

android.intent.action.PACKAGE_ADDED

Services
Alipay_msp_2.5.2_0426.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

679ca256a909c1fd7018f093a97eec0d_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.SET_WALLPAPER

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.RESTART_PACKAGES

android.permission.GET_TASKS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

Sharing

General

Malware Config

Signatures

Files

com.crting.bloomytown

com.crting.sanlitun.sanLiTunActivity

Activities

com.crting.sanlitun.sanLiTunActivity

Permissions

Receivers

com.crting.sanlitun.utility.bloomyTownReceiver

com.mobile.app.utils.GESoftInspector

Services

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

679ca256a909c1fd7018f093a97eec0d_JaffaCakes118