6a572658b27226d40240990c72d8ee7b_JaffaCakes118

General

Target

6a572658b27226d40240990c72d8ee7b_JaffaCakes118
Size

5.6MB
MD5

6a572658b27226d40240990c72d8ee7b
SHA1

4256a5ab19859090728f0e4356ad00089e599aad
SHA256

5689671d166dfb4859b1b9cc02d7af2f3dc6ace98f564a53993f9a2789a4c4a0
SHA512

9af82856352cec6b2576f475fed926e780f5910395e3f06555ca48457555882b317dda1d171458e63870a79277083adcf61a394cf408531090c423d359d1d65b
SSDEEP

98304:GmhUGP+HiqMqE+xZR3mrAf0qUoS03IiTypyVO2Dd+sFqjn:GMqQAzQAzUoSbkypyVOein

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

Processes:

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

6a572658b27226d40240990c72d8ee7b_JaffaCakes118
.apk android

com.google.android.gsf.login

AccountIntroActivity

Activities

AccountIntroActivity

com.google.android.accounts.AccountIntro
android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.BACKUP
android.permission.BROADCAST_STICKY
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.DUMP
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.MANAGE_ACCOUNTS
android.permission.PERSISTENT_ACTIVITY
android.permission.READ_CONTACTS
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.READ_PROFILE
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.SUBSCRIBED_FEEDS_WRITE
android.permission.USE_CREDENTIALS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_CONTACTS
android.permission.WRITE_PROFILE
android.permission.WRITE_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
com.android.vending.INTENT_VENDING_ONLY
com.google.android.googleapps.permission.ACCESS_GOOGLE_PASSWORD
com.google.android.googleapps.permission.GOOGLE_AUTH
com.google.android.googleapps.permission.GOOGLE_AUTH.ALL_SERVICES
com.google.android.googleapps.permission.GOOGLE_AUTH.YouTubeUser
com.google.android.googleapps.permission.GOOGLE_AUTH.mail
com.google.android.googleapps.permission.GOOGLE_AUTH.youtube
com.google.android.googleapps.permission.GOOGLE_MAIL_SWITCH
com.google.android.gtalkservice.permission.GTALK_SERVICE
com.google.android.gtalkservice.permission.SEND_HEARTBEAT
com.google.android.permission.BROADCAST_DATA_MESSAGE
com.google.android.providers.gsf.permission.READ_GSERVICES
com.google.android.providers.settings.permission.READ_GSETTINGS
com.google.android.providers.settings.permission.WRITE_GSETTINGS
com.google.android.providers.talk.permission.READ_ONLY
com.google.android.providers.talk.permission.WRITE_ONLY
com.android.vending.billing.BILLING_ACCOUNT_SERVICE
com.android.vending.billing.ADD_CREDIT_CARD
com.android.vending.billing.IBillingAccountService.BIND2
com.android.vending.TOS_ACKED
com.android.chrome.TOS_ACKED

Receivers

com.google.android.gsf.login.DevicePolicyActivatedReceiver

com.google.android.apps.enterprise.dmagent.AUTO_REGISTRATION_FINISHED

Services

com.google.android.gsf.loginservice.GoogleLoginService

android.accounts.AccountAuthenticator
com.google.android.gsf.action.GET_GLS

6a572658b27226d40240990c72d8ee7b_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.BACKUP

android.permission.BROADCAST_STICKY

android.permission.CHANGE_COMPONENT_ENABLED_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.DUMP

android.permission.GET_ACCOUNTS

android.permission.INTERNET

android.permission.MANAGE_ACCOUNTS

android.permission.PERSISTENT_ACTIVITY

android.permission.READ_CONTACTS

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.READ_PROFILE

android.permission.READ_SYNC_SETTINGS

android.permission.READ_SYNC_STATS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SUBSCRIBED_FEEDS_READ

android.permission.SUBSCRIBED_FEEDS_WRITE

android.permission.USE_CREDENTIALS

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.WRITE_CONTACTS

android.permission.WRITE_PROFILE

android.permission.WRITE_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

com.android.vending.INTENT_VENDING_ONLY

com.google.android.googleapps.permission.ACCESS_GOOGLE_PASSWORD

com.google.android.googleapps.permission.GOOGLE_AUTH

com.google.android.googleapps.permission.GOOGLE_AUTH.ALL_SERVICES

com.google.android.googleapps.permission.GOOGLE_AUTH.YouTubeUser

com.google.android.googleapps.permission.GOOGLE_AUTH.mail

com.google.android.googleapps.permission.GOOGLE_AUTH.youtube

com.google.android.googleapps.permission.GOOGLE_MAIL_SWITCH

com.google.android.gtalkservice.permission.GTALK_SERVICE

com.google.android.gtalkservice.permission.SEND_HEARTBEAT

com.google.android.permission.BROADCAST_DATA_MESSAGE

com.google.android.providers.gsf.permission.READ_GSERVICES

com.google.android.providers.settings.permission.READ_GSETTINGS

com.google.android.providers.settings.permission.WRITE_GSETTINGS

com.google.android.providers.talk.permission.READ_ONLY

com.google.android.providers.talk.permission.WRITE_ONLY

com.android.vending.billing.BILLING_ACCOUNT_SERVICE

com.android.vending.billing.ADD_CREDIT_CARD

com.android.vending.billing.IBillingAccountService.BIND2

com.android.vending.TOS_ACKED

com.android.chrome.TOS_ACKED

Sharing

General

Malware Config

Signatures

Files

com.google.android.gsf.login

AccountIntroActivity

Activities

AccountIntroActivity

Permissions

Receivers

com.google.android.gsf.login.DevicePolicyActivatedReceiver

Services

com.google.android.gsf.loginservice.GoogleLoginService

Android Permissions

6a572658b27226d40240990c72d8ee7b_JaffaCakes118