6b2bd00a825c4a4d980f5008c20df656_JaffaCakes118

General

Target

6b2bd00a825c4a4d980f5008c20df656_JaffaCakes118
Size

30.3MB
MD5

6b2bd00a825c4a4d980f5008c20df656
SHA1

a2fa11989364a2be0746acb034b7a22c7f3beec0
SHA256

20ec0caddfb8f926e7d53b950c77dfd630c4405e529e52868ddcd0a263ca41d4
SHA512

02545a874813f01218207fd6dcd55a613ad13d32f81c9193ab2f5721dbbe38c3b8a5e5b49fb60efdbdc7b5569464362f040831e2b6c5a1fab89db4dcbe23c0d2
SSDEEP

786432:/Y7geeus9B2/kjtmTbKAU60Js0uHD/IPUK/rXWYrdK:CJsj2/kjtmHKh6iDuj/iU21dK

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 19 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

6b2bd00a825c4a4d980f5008c20df656_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

com.dykj.wishshare

com.stkj.f4c.ui.guide.LaunchActivity

Activities

com.stkj.f4c.ui.guide.LaunchActivity

android.intent.action.MAIN

com.stkj.f4c.ui.home.HomeActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.stkj.f4c.presenter.me.FakeActivity

android.intent.action.VIEW

com.tencent.smtt.sdk.VideoActivity

com.tencent.smtt.tbs.video.PLAY

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECEIVE_USER_PRESENT
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CAMERA
android.permission.PACKAGE_USAGE_STATS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.CAMERA
android.permission.VIBRATE
android.permission.RECORD_AUDIO
android.permission.WAKE_LOCK
com.huawei.android.launcher.permission.CHANGE_BADGE
cn.rongcloud.im.permission.MIPUSH_RECEIVE
cn.rongcloud.im.permission.C2D_MESSAGE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.REQUEST_INSTALL_PACKAGES
com.meizu.flyme.push.permission.RECEIVE
cn.rongcloud.im.push.permission.MESSAGE
com.meizu.c2dm.permission.RECEIVE
android.permission.CHANGE_WIFI_STATE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS

Receivers

com.stkj.f4c.processor.keeplive.WakeUpReceiver

android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
com.xdandroid.hellodaemon.CANCEL_JOB_ALARM_SUB

com.stkj.f4c.processor.keeplive.WakeUpReceiver$WakeUpAutoStartReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.stkj.f4c.push.PushNotifyBrocastRecive

com.stkj.push.recive

com.stkj.f4c.push.SessionNotifyBrocastReceive

com.stkj.session.receive

com.stkj.f4c.push.RongPushMessageReceive

io.rong.push.intent.MESSAGE_ARRIVED
io.rong.push.intent.MI_MESSAGE_ARRIVED
io.rong.push.intent.MESSAGE_CLICKED
io.rong.push.intent.MI_MESSAGE_CLICKED
io.rong.push.intent.THIRD_PARTY_PUSH_STATE

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

io.rong.push.platform.MiMessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

io.rong.push.platform.HMSReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.android.push.intent.CLICK
com.huawei.intent.action.PUSH_STATE

com.huawei.hms.support.api.push.PushEventReceiver

com.huawei.intent.action.PUSH

io.rong.push.platform.MeiZuReceiver

com.meizu.flyme.push.intent.MESSAGE
com.meizu.flyme.push.intent.REGISTER.FEEDBACK
com.meizu.flyme.push.intent.UNREGISTER.FEEDBACK
com.meizu.c2dm.intent.REGISTRATION
com.meizu.c2dm.intent.RECEIVE

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.dykj.wishshare.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

io.rong.push.PushReceiver

io.rong.push.intent.action.HEART_BEAT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

Services

io.rong.push.platform.RongFirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

io.rong.push.platform.RongFirebaseInstanceIDService

com.google.firebase.INSTANCE_ID_EVENT

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action
com.umeng.message.message.sendmessage.action

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote
gdtadv2.jar
.apk android arch:arm arch:arm64

Android Permissions

6b2bd00a825c4a4d980f5008c20df656_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECEIVE_SMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_USER_PRESENT

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.CAMERA

android.permission.PACKAGE_USAGE_STATS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.DISABLE_KEYGUARD

android.permission.GET_TASKS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.CAMERA

android.permission.VIBRATE

android.permission.RECORD_AUDIO

android.permission.WAKE_LOCK

com.huawei.android.launcher.permission.CHANGE_BADGE

cn.rongcloud.im.permission.MIPUSH_RECEIVE

cn.rongcloud.im.permission.C2D_MESSAGE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.REQUEST_INSTALL_PACKAGES

com.meizu.flyme.push.permission.RECEIVE

cn.rongcloud.im.push.permission.MESSAGE

com.meizu.c2dm.permission.RECEIVE

android.permission.CHANGE_WIFI_STATE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.CHANGE_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.dykj.wishshare

com.stkj.f4c.ui.guide.LaunchActivity

Activities

com.stkj.f4c.ui.guide.LaunchActivity

com.stkj.f4c.ui.home.HomeActivity

com.tencent.tauth.AuthActivity

com.stkj.f4c.presenter.me.FakeActivity

com.tencent.smtt.sdk.VideoActivity

Permissions

Receivers

com.stkj.f4c.processor.keeplive.WakeUpReceiver

com.stkj.f4c.processor.keeplive.WakeUpReceiver$WakeUpAutoStartReceiver

com.stkj.f4c.push.PushNotifyBrocastRecive

com.stkj.f4c.push.SessionNotifyBrocastReceive

com.stkj.f4c.push.RongPushMessageReceive

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

io.rong.push.platform.MiMessageReceiver

io.rong.push.platform.HMSReceiver

com.huawei.hms.support.api.push.PushEventReceiver

io.rong.push.platform.MeiZuReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

io.rong.push.PushReceiver

Services

io.rong.push.platform.RongFirebaseMessagingService

io.rong.push.platform.RongFirebaseInstanceIDService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

Android Permissions

6b2bd00a825c4a4d980f5008c20df656_JaffaCakes118