6a3a8bc64204c4c3d95e814a7f72ac85_JaffaCakes118

General

Target

6a3a8bc64204c4c3d95e814a7f72ac85_JaffaCakes118
Size

10.0MB
MD5

6a3a8bc64204c4c3d95e814a7f72ac85
SHA1

59dbd4442ccfdf44ff54334b8afe7c142d7c4d97
SHA256

3a27c03db93c30ce802e18a0c781065019812ab5e00b4de407af68304f9bcba4
SHA512

26b4c37a8550b37e5c77a1e364accf375e983d7a2665d95ea2507a32eeaaa17dbb7056cc000a81ca2fc441260332b44c8ec4dfe54814efc92a6baece5e8dace0
SSDEEP

196608:FbatedVTtYVTCpe6xtGv4CXo3dweNDKxZ2MYl93Ql4CN:4teXtMTb6CvmWeNDeZsgl4CN

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 3 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

6a3a8bc64204c4c3d95e814a7f72ac85_JaffaCakes118
.apk android arch:arm

com.wangwango.rockwar

.RockWar

Activities

.RockWar

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SEND_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_APN_SETTINGS

Receivers

com.bx.pay.SmsListener

android.provider.Telephony.SMS_RECEIVED

Services
UPPayPluginEx.apk
.apk android arch:arm

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

android.intent.action.Run

com.unionpay.uppay.PayActivityEx

android.intent.action.Run
android.intent.action.VIEW

Permissions

android.webkit.permission.PLUGIN
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
com.tencent.mtt.extension.Player

Services

com.UCMobile.PayPlugin.PayPluginService

android.webkit.PLUGIN
alipay_plugin_20120428msp.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

6a3a8bc64204c4c3d95e814a7f72ac85_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.SEND_SMS

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_APN_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.wangwango.rockwar

.RockWar

Activities

.RockWar

Permissions

Receivers

com.bx.pay.SmsListener

Services

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

com.unionpay.uppay.PayActivityEx

Permissions

Services

com.UCMobile.PayPlugin.PayPluginService

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

6a3a8bc64204c4c3d95e814a7f72ac85_JaffaCakes118