6f4ac2bd3d15133b7821a87e37e83145_JaffaCakes118

General

Target

6f4ac2bd3d15133b7821a87e37e83145_JaffaCakes118
Size

18.0MB
MD5

6f4ac2bd3d15133b7821a87e37e83145
SHA1

d90ffcad66d999d9160ad1fe79d670573d2bc643
SHA256

2da0595ea8e82a067197104c471c1bf4a124f84211dc20746597a6f0e5be78c7
SHA512

f191c79869a6c437017c85a22fde939509f31a110a2f1924c8f0a2571718ba34d2dac6e7b448f39e033b1289c2204538bd81b620f9a1fd264d5fded675766d76
SSDEEP

393216:9nai5k4GEoUr6iAcOGAKnDOKSi0OTx7t+wB5y:fk4lhrlzrOoZx7tm

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

6f4ac2bd3d15133b7821a87e37e83145_JaffaCakes118
.apk android arch:arm

cn.kuwo.player

cn.kuwo.player.activities.EntryActivity

Activities

cn.kuwo.player.activities.EntryActivity

cn.kuwo.kwmusicauto.action.STARTAPP
cn.kuwo.kwmusicauto.action.PLAY_MUSIC
cn.kuwo.kwmusicauto.action.SEARCH_MUSIC
android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.desk.icon.ui.activity.DeskIconMainActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.nd.android.pandahome.widget.activity.PandaWidgetMainActivity

com.nd.android.pandahome.widget.category

Permissions

com.android.launcher.permission.READ_SETTINGS
android.permission.INTERNET
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.RECORD_AUDIO
android.permission.VIBRATE
android.permission.REORDER_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.BLUETOOTH
android.permission.DISABLE_KEYGUARD
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.WRITE_MEDIA_STORAGE
android.permission.DISABLE_KEYGUARD
android.permission.GET_TASKS
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
imcs.permission.MUSIC_CONTROL
android.permission.CHANGE_NETWORK_STATE
cn.kuwo.player.permission.MIPUSH_RECEIVE
android.permission.ACCESS_COARSE_LOCATION

Receivers

cn.kuwo.mod.push.PushRepeatingReceiver

android.bluetooth.adapter.action.STATE_CHANGED
android.net.wifi.WIFI_STATE_CHANGED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.ANY_DATA_STATE
android.net.wifi.STATE_CHANGE
android.intent.action.BOOT_COMPLETED
android.intent.action.DATE_CHANGED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.MEDIA_REMOVED
android.intent.action.MEDIA_CHECKING
android.intent.action.MEDIA_EJECT

cn.kuwo.mod.notification.BlueToothReceiver

android.bluetooth.device.action.BOND_STATE_CHANGED
android.bluetooth.device.action.ACL_CONNECTED
android.bluetooth.device.action.ACL_DISCONNECTED

cn.kuwo.base.config.ConfigChangedReceiver

cn.kuwo.player.action.ConfigChanged

cn.kuwo.ui.widget.SmallAppWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
android.appwidget.action.APPWIDGET_DELETED
android.appwidget.action.APPWIDGET_DISABLED
android.appwidget.action.APPWIDGET_ENABLED
cn.kuwo.player.INIT_START

cn.kuwo.ui.widget.LargeAppWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
android.appwidget.action.APPWIDGET_DELETED
android.appwidget.action.APPWIDGET_DISABLED
android.appwidget.action.APPWIDGET_ENABLED
cn.kuwo.player.INIT_START

cn.kuwo.ui.widget.WidgetReceiver

cn.kuwo.player.TOGGLE_PAUSE
cn.kuwo.player.NEXT
cn.kuwo.player.PREV
cn.kuwo.player.CHANGE_MODE
cn.kuwo.player.INIT_FINISHED

cn.kuwo.mod.playcontrol.HeadsetControlReceiver

android.intent.action.MEDIA_BUTTON
android.media.AUDIO_BECOMING_NOISY
cn.kuwo.player.imcs.action.MUSIC_CONTROL

com.datac.newspm.broadcast.LauncherBroadcast

android.intent.action.REBOOT
android.intent.action.ACTION_SHUTDOWN
android.intent.action.USER_PRESENT
android.media.RINGER_MODE_CHANGED

com.datac.newspm.broadcast.ApplicationBroadcast

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.datac.newspm.broadcast.AppFlowBroadcast

android.net.conn.CONNECTIVITY_CHANGE

Services

cn.kuwo.service.local.LocalService

cn.kuwo.service.local.LocalService

cn.kuwo.service.local.WebService

cn.kuwo.service.local.WebService

cn.kuwo.service.remote.RemoteService

cn.kuwo.service.remote.RemoteService

com.datac.newspm.services.MMS

com.datac.newspm.services.MMS
libs.apk
.apk android

Android Permissions

6f4ac2bd3d15133b7821a87e37e83145_JaffaCakes118

Permissions

com.android.launcher.permission.READ_SETTINGS

android.permission.INTERNET

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MOUNT_FORMAT_FILESYSTEMS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.RECORD_AUDIO

android.permission.VIBRATE

android.permission.REORDER_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.BLUETOOTH

android.permission.DISABLE_KEYGUARD

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.WRITE_MEDIA_STORAGE

android.permission.DISABLE_KEYGUARD

android.permission.GET_TASKS

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

imcs.permission.MUSIC_CONTROL

android.permission.CHANGE_NETWORK_STATE

cn.kuwo.player.permission.MIPUSH_RECEIVE

android.permission.ACCESS_COARSE_LOCATION

Sharing

General

Malware Config

Signatures

Files

cn.kuwo.player

cn.kuwo.player.activities.EntryActivity

Activities

cn.kuwo.player.activities.EntryActivity

com.desk.icon.ui.activity.DeskIconMainActivity

com.tencent.tauth.AuthActivity

com.nd.android.pandahome.widget.activity.PandaWidgetMainActivity

Permissions

Receivers

cn.kuwo.mod.push.PushRepeatingReceiver

cn.kuwo.mod.notification.BlueToothReceiver

cn.kuwo.base.config.ConfigChangedReceiver

cn.kuwo.ui.widget.SmallAppWidgetProvider

cn.kuwo.ui.widget.LargeAppWidgetProvider

cn.kuwo.ui.widget.WidgetReceiver

cn.kuwo.mod.playcontrol.HeadsetControlReceiver

com.datac.newspm.broadcast.LauncherBroadcast

com.datac.newspm.broadcast.ApplicationBroadcast

com.datac.newspm.broadcast.AppFlowBroadcast

Services

cn.kuwo.service.local.LocalService

cn.kuwo.service.local.WebService

cn.kuwo.service.remote.RemoteService

com.datac.newspm.services.MMS

Android Permissions

6f4ac2bd3d15133b7821a87e37e83145_JaffaCakes118