6e4b32fd70af981e51d1dc019bc8e734_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6e4b32fd70af981e51d1dc019bc8e734_JaffaCakes118
Size

12.3MB
MD5

6e4b32fd70af981e51d1dc019bc8e734
SHA1

41a0cd3fe31110e3f5f95dfd495947eae8ccfaaa
SHA256

b584429c7909dd1a03eaec9caa71a3d9811481ea6ed8d0f016f0d0d73234c440
SHA512

b3318988ae28fb1d7b0b1c4458116b9e54ba0b871b7b167f2f69a2dec7ccd87f855e68f288a8887ddfc0ad37c92d864d0f514538bff2912f71903ff53c377ec6
SSDEEP

393216:20dlpS71B6PxvEdCsOtC4bBpMdT0slTKUTzcRRD:dSZB60FkCKBmJ0GTKNR

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

Processes:

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Declares services with permission to bind to the system 3 IoCs

Processes:

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 10 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

6e4b32fd70af981e51d1dc019bc8e734_JaffaCakes118
.apk android arch:arm arch:x86

com.mobiletool.appstore

com.sogou.androidtool.SplashActivity

Activities

com.sogou.androidtool.SplashActivity

android.intent.action.MAIN
com.mobiletool.appstore.action.main

com.sogou.androidtool.activity.SdkRedirectActivity

com.mobiletool.appstore.action.sdk

com.sogou.androidtool.SliderTabPagerActivity

android.intent.action.VIEW
com.mobiletool.appstore.action.backtomarket
android.intent.action.SEND
android.intent.action.SENDTO

com.sogou.androidtool.details.AppDetailsActivity

com.mobiletool.appstore.action.appdetail
android.intent.action.VIEW

com.sogou.androidtool.TopicDetailsActivity

com.mobiletool.appstore.action.specialdetail

com.sogou.androidtool.AppNewsActivity

com.mobiletool.appstore.action.topicdetail

com.sogou.androidtool.WebPushActivity

com.mobiletool.appstore.action.wap

com.sogou.androidtool.search.MultiSearchResultActivity

android.intent.action.VIEW

com.sogou.androidtool.update.AppManageActivity

com.mobiletool.appstore.action.update

com.sogou.androidtool.activity.UrlHandleActivity

com.mobiletool.appstore.highspeed
com.mobiletool.appstore.browser.highspeed
com.mobiletool.appstore.action.extend
com.mobiletool.appstore.action.download

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

com.htc.launcher.permission.READ_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
org.adw.launcher_donut.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.tencent.qqlauncher.permission.WRITE_SETTINGS
com.huawei.launcher.permission.READ_SETTINGS
com.huawei.launcher.permission.WRITE_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher2.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.android.mylauncher.permission.WRITE_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
telecom.mdesk.permission.READ_SETTINGS
telecom.mdesk.permission.WRITE_SETTINGS
dianxin.permission.ACCESS_LAUNCHER_DATA
com.yulong.android.launcher.permission.READ_SETTINGS
com.yulong.android.launcher.permission.WRITE_SETTINGS
com.yulong2.android.launcher.permission.READ_SETTINGS
com.yulong2.android.launcher.permission.WRITE_SETTINGS
com.yulong3.android.launcher.permission.READ_SETTINGS
com.yulong3.android.launcher.permission.WRITE_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.bbk.launcher2.permission.WRITE_SETTINGS
com.fx.launcher.permission.WRITE_SETTINGS
com.fx.launcher.permission.READ_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.BLUETOOTH_ADMIN
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.BLUETOOTH
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_SETTINGS
android.permission.ACCESS_GPS
android.permission.ACCESS_LOCATION
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.VIBRATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.BATTERY_STATS
android.permission.CHANGE_CONFIGURATION
android.permission.SYSTEM_ALERT_WINDOW
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WAKE_LOCK
android.permission.ACCESS_ALL_DOWNLOADS
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED
android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS
android.permission.DOWNLOAD_CACHE_NON_PURGEABLE
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.SET_WALLPAPER
android.permission.BROADCAST_STICKY
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_MTK_MMHW
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.WRITE_APN_SETTING
android.permission.RAISED_THREAD_PRIORITY
android.permission.READ_PROFILE
android.permission.READ_LOGS
android.permission.MANAGE_DEVICE_ADMINS
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.PACKAGE_USAGE_STATS
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
com.mobiletool.appstore.permission.MIPUSH_RECEIVE

Receivers

com.sogou.androidtool.receiver.NetChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.sogou.androidtool.receiver.SelfUpdateNotificationCancelReceiver

selfupdate_notification_cancelled

com.sogou.androidtool.downloads.DownloadReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.DOWNLOAD_WAKEUP
android.intent.action.DOWNLOAD_NOTIFY
android.intent.action.ERROR_NOTIFY
android.intent.action.DOWNLOAD_WAKEUP.sogou
android.intent.action.MEDIA_MOUNTED

com.sogou.androidtool.receiver.GpsNetworkReceiver

android.intent.action.CONFIGURATION_CHANGED
android.net.conn.CONNECTIVITY_CHANGE

com.sogou.androidtool.receiver.BootReceiver

android.intent.action.ACTION_SHUTDOWN
android.intent.action.BOOT_COMPLETED

com.sogou.androidtool.receiver.SdkNetChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.sogou.androidtool.receiver.PingbackDateChangeReceiver

android.intent.action.DATE_CHANGED

com.sogou.androidtool.receiver.OtherAppReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_ADDED

com.sogou.androidtool.shortcut.AppUninstallReceiver

android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_ADDED

com.sogou.androidtool.receiver.SDCardReceiver

android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED

com.sogou.androidtool.notification.NotificationReceiver

android.intent.action.PUSH_NOTIFY_ALARM
android.intent.action.IMEDIATE_NOTIFY_ALARM
android.intent.action.UPDATE_NOTIFICATION

com.sogou.androidtool.receiver.KeepServiceReceiver

android.intent.action.ACTION_SHUTDOWN
android.intent.action.BOOT_COMPLETED
android.intent.action.CONFIGURATION_CHANGED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF

com.sogou.udp.push.SystemReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_REMOVED

com.sogou.udp.push.PushServiceReceiver

com.sogou.pushservice.action.METHOD

com.sogou.androidtool.notification.weather.WeatherNotifyServiceReceiver

com.mobiletool.appstore.service.weathernotifyreceiver

com.sogou.androidtool.receiver.DevicePolicyReceiver

android.app.action.DEVICE_ADMIN_ENABLED

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.mobiletool.appstore.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

org.android.agoo.huawei.HuaWeiReceiver

com.huawei.android.push.intent.REGISTRATION
com.huawei.android.push.intent.RECEIVE
com.huawei.intent.action.PUSH
com.huawei.intent.action.PUSH_STATE

Services

com.sogou.androidtool.service.BackgroundService

com.mobiletool.appstore.action.BackgroundService

com.sogou.androidtool.service.CoreService

com.mobiletool.appstore.action.service

com.sogou.androidtool.service.NotifyWeatherService

com.mobiletool.appstore.service.weatherservice

com.sogou.passportsdk.service.PassportService

com.sogou.passport.service.aidl

com.sogou.androidtool.service.SgToolAccessibilityService

android.accessibilityservice.AccessibilityService

com.sogou.androidtool.service.SgToolVpnService

android.net.VpnService

com.sogou.androidtool.lockscreen.NotificationFilter

android.service.notification.NotificationListenerService

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action
com.umeng.message.message.sendmessage.action

6e4b32fd70af981e51d1dc019bc8e734_JaffaCakes118

Permissions

com.htc.launcher.permission.READ_SETTINGS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

org.adw.launcher_donut.permission.READ_SETTINGS

org.adw.launcher_donut.permission.WRITE_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.WRITE_SETTINGS

com.sec.android.app.twlauncher.settings.READ_SETTINGS

com.sec.android.app.twlauncher.settings.WRITE_SETTINGS

com.anddoes.launcher.permission.READ_SETTINGS

com.anddoes.launcher.permission.WRITE_SETTINGS

com.tencent.qqlauncher.permission.READ_SETTINGS

com.tencent.qqlauncher.permission.WRITE_SETTINGS

com.huawei.launcher.permission.READ_SETTINGS

com.huawei.launcher.permission.WRITE_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.huawei.launcher2.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

com.android.mylauncher.permission.READ_SETTINGS

com.android.mylauncher.permission.WRITE_SETTINGS

com.ebproductions.android.launcher.permission.READ_SETTINGS

com.ebproductions.android.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

telecom.mdesk.permission.READ_SETTINGS

telecom.mdesk.permission.WRITE_SETTINGS

dianxin.permission.ACCESS_LAUNCHER_DATA

com.yulong.android.launcher.permission.READ_SETTINGS

com.yulong.android.launcher.permission.WRITE_SETTINGS

com.yulong2.android.launcher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.mobiletool.appstore

com.sogou.androidtool.SplashActivity

Activities

com.sogou.androidtool.SplashActivity

com.sogou.androidtool.activity.SdkRedirectActivity

com.sogou.androidtool.SliderTabPagerActivity

com.sogou.androidtool.details.AppDetailsActivity

com.sogou.androidtool.TopicDetailsActivity

com.sogou.androidtool.AppNewsActivity

com.sogou.androidtool.WebPushActivity

com.sogou.androidtool.search.MultiSearchResultActivity

com.sogou.androidtool.update.AppManageActivity

com.sogou.androidtool.activity.UrlHandleActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.sogou.androidtool.receiver.NetChangeReceiver

com.sogou.androidtool.receiver.SelfUpdateNotificationCancelReceiver

com.sogou.androidtool.downloads.DownloadReceiver

com.sogou.androidtool.receiver.GpsNetworkReceiver

com.sogou.androidtool.receiver.BootReceiver

com.sogou.androidtool.receiver.SdkNetChangeReceiver

com.sogou.androidtool.receiver.PingbackDateChangeReceiver

com.sogou.androidtool.receiver.OtherAppReceiver

com.sogou.androidtool.shortcut.AppUninstallReceiver

com.sogou.androidtool.receiver.SDCardReceiver

com.sogou.androidtool.notification.NotificationReceiver

com.sogou.androidtool.receiver.KeepServiceReceiver

com.sogou.udp.push.SystemReceiver

com.sogou.udp.push.PushServiceReceiver

com.sogou.androidtool.notification.weather.WeatherNotifyServiceReceiver

com.sogou.androidtool.receiver.DevicePolicyReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

org.android.agoo.huawei.HuaWeiReceiver

Services

com.sogou.androidtool.service.BackgroundService

com.sogou.androidtool.service.CoreService

com.sogou.androidtool.service.NotifyWeatherService

com.sogou.passportsdk.service.PassportService

com.sogou.androidtool.service.SgToolAccessibilityService

com.sogou.androidtool.service.SgToolVpnService

com.sogou.androidtool.lockscreen.NotificationFilter

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

6e4b32fd70af981e51d1dc019bc8e734_JaffaCakes118