6eb9f3ad05408d99680f326d07d17a43_JaffaCakes118

General

Target

6eb9f3ad05408d99680f326d07d17a43_JaffaCakes118
Size

7.5MB
MD5

6eb9f3ad05408d99680f326d07d17a43
SHA1

f65aece0b21d29601291c8585dc361d7dbdcd55b
SHA256

10384255c298d073bb93dea288b6d88fa83ea722a81c1b15cc784e5042fb6696
SHA512

e41b86cfa6dd2d4b2032cb05a4f39a25e2d8cf478d45d21f597ea72e9e3ece93618d0b871457324245f0f4bf806fa444b2c35cc66f5783231a972877d923c5d9
SSDEEP

196608:qlTTb1VF4n6s2iwQEZY7BkZatBOfd8ocnJoLrQA0AxoPG3nZTbXkAG:wTTbju6piwQBNkM2X3QQxoExLkv

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

Processes:

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 6 IoCs

Processes:

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

6eb9f3ad05408d99680f326d07d17a43_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

com.zuimeia.suite.magiclocker

com.zuimeia.suite.magiclocker.SplashActivity

Activities

com.zuimeia.suite.magiclocker.SplashActivity

android.intent.action.MAIN

com.zuimeia.suite.magiclocker.MainActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

io.presage.activities.PresageActivity

io.presage.intent.action.LAUNCH_WEBVIEW

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REORDER_TASKS
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.zuimeia.suite.magiclocker.permission.MIPUSH_RECEIVE
android.permission.VIBRATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS

Receivers

com.zuimeia.suite.magiclocker.receiver.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

com.zuimeia.suite.magiclocker.receiver.PackageReplacedReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.zuimeia.suite.magiclocker.receiver.SwitchLockOnOffSettingReceiver

com.zuimeia.suite.magiclocker_switch_setting_receiver

com.zuimeia.suite.magiclocker.receiver.SwitchWakeupSettingReceiver

com.zuimeia.suite.magiclocker_switch_wakeup_setting_receiver

com.zuimeia.suite.magiclocker.receiver.ScreenLockDeviceAdminReceiver

android.app.action.DEVICE_ADMIN_ENABLED

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.zuimeia.suite.magiclocker.receiver.PushMsgReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

io.presage.receivers.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.DATE_CHANGED
io.presage.receivers.BootReceiver.RESTART_SERVICE

com.google.android.gms.wallet.EnableWalletOptimizationReceiver

com.google.android.gms.wallet.ENABLE_WALLET_OPTIMIZATION

Services

6eb9f3ad05408d99680f326d07d17a43_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.REORDER_TASKS

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.zuimeia.suite.magiclocker.permission.MIPUSH_RECEIVE

android.permission.VIBRATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_EXTERNAL_STORAGE

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

Sharing

General

Malware Config

Signatures

Files

com.zuimeia.suite.magiclocker

com.zuimeia.suite.magiclocker.SplashActivity

Activities

com.zuimeia.suite.magiclocker.SplashActivity

com.zuimeia.suite.magiclocker.MainActivity

io.presage.activities.PresageActivity

Permissions

Receivers

com.zuimeia.suite.magiclocker.receiver.BootCompletedReceiver

com.zuimeia.suite.magiclocker.receiver.PackageReplacedReceiver

com.zuimeia.suite.magiclocker.receiver.SwitchLockOnOffSettingReceiver

com.zuimeia.suite.magiclocker.receiver.SwitchWakeupSettingReceiver

com.zuimeia.suite.magiclocker.receiver.ScreenLockDeviceAdminReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.zuimeia.suite.magiclocker.receiver.PushMsgReceiver

io.presage.receivers.BootReceiver

com.google.android.gms.wallet.EnableWalletOptimizationReceiver

Services

Android Permissions

6eb9f3ad05408d99680f326d07d17a43_JaffaCakes118