6e9b3200caaa1f83cb4728687723952a_JaffaCakes118

General

Target

6e9b3200caaa1f83cb4728687723952a_JaffaCakes118
Size

31.9MB
MD5

6e9b3200caaa1f83cb4728687723952a
SHA1

ab80a5224749c861e7151b0fb819e25f8cc547f0
SHA256

284629fafbaf1ea628548f732a8372ca6ca6e4ab8b5683df048ed583d9ba8863
SHA512

82c581172309cfde47e0f926a9041d1aee60a2e184a72608c47968c8036f1bef6e47acf875a9e1cc43695172d30ed128f0c1d03b651a82887df5120fa26129f0
SSDEEP

786432:3zODempPEuAg3Tb4c4Pky7+FN+JL2yQq0x3F8nA980Zc0fq7O/K:3zytEh0br48y7S+Jda80Zc0C7O/K

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

6e9b3200caaa1f83cb4728687723952a_JaffaCakes118
.apk android arch:arm

com.kiloo.subwaysurf

com.kiloo.subwaysurf.RRAndroidPluginActivity

Activities

com.kiloo.subwaysurf.RRAndroidPluginActivity

android.intent.action.MAIN

com.skynet.android.online.service.ui.OnlineServiceActivity

android.intent.action.ONLINE_SERVICE_ACTION

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.SEND_SMS
android.permission.CHANGE_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_EXTERNAL_STORAGE
android.permission.DISABLE_KEYGUARD
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher.permission.READ_SETTINGS

Receivers

com.idreamsky.push.broadcast.ConnectionChange

android.net.conn.CONNECTIVITY_CHANGE

com.idreamsky.push.service.MessageReceiver

com.skynet.push.notice.public

com.s1.lib.plugin.dynload.service.ConnectionChange

android.net.conn.CONNECTIVITY_CHANGE

Services

com.idreamsky.push.service.PushService

com.idreamsky.push.service.pushservice
com.alipay.android.app.apk
.apk android arch:arm arch:x86

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

android.intent.action.MAIN

com.alipay.android.app.pay.TransContainer

android.intent.action.MAIN

com.alipay.android.app.pay.HyperlinkActivity

android.intent.action.MAIN

com.alipay.android.app.pay.PageForBrowser

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.android.app.gphone.SHARE

Receivers

Services

com.alipay.android.app.MspService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

6e9b3200caaa1f83cb4728687723952a_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.GET_TASKS

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.SEND_SMS

android.permission.CHANGE_WIFI_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_EXTERNAL_STORAGE

android.permission.DISABLE_KEYGUARD

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.kiloo.subwaysurf

com.kiloo.subwaysurf.RRAndroidPluginActivity

Activities

com.kiloo.subwaysurf.RRAndroidPluginActivity

com.skynet.android.online.service.ui.OnlineServiceActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.idreamsky.push.broadcast.ConnectionChange

com.idreamsky.push.service.MessageReceiver

com.s1.lib.plugin.dynload.service.ConnectionChange

Services

com.idreamsky.push.service.PushService

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

com.alipay.android.app.pay.TransContainer

com.alipay.android.app.pay.HyperlinkActivity

com.alipay.android.app.pay.PageForBrowser

Permissions

Receivers

Services

com.alipay.android.app.MspService

Android Permissions

6e9b3200caaa1f83cb4728687723952a_JaffaCakes118