General

  • Target

    70c3578fb0fe5b234bb07628e501a81e_JaffaCakes118

  • Size

    23.3MB

  • MD5

    70c3578fb0fe5b234bb07628e501a81e

  • SHA1

    7e1457432d8a6b28f496731a9fa1d0a32a045ac5

  • SHA256

    2750f0a4174abcf1e03e44bad0374f94ce4b4e742ff673435bfd99116adca135

  • SHA512

    95d5b7e72a20226104183ddb39f644d22727ce8fc83da546dada9429a1789b8104067990f4e83de2d2aaad84d969d3dacde1a0776995869019c519e7daf39991

  • SSDEEP

    393216:uWpYf6LlkafLzTgWRQBNBCdYBYEJ0ioZz45mIDitWfpb9NzjdnMN/c0+yL1Rfcjx:u8YQrqBDC1tY5nitWfpb9Nlz0+EbUsv2

Score
6/10

Malware Config

Signatures

  • Declares services with permission to bind to the system (2 IoCs)

Files

  • 70c3578fb0fe5b234bb07628e501a81e_JaffaCakes118
    .apk android arch:arm64 arch:arm arch:x86 arch:x64

    com.expressvpn.vpn

    com.expressvpn.vpn.ui.SplashActivity


Android Permissions

70c3578fb0fe5b234bb07628e501a81e_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

com.android.vending.BILLING

android.permission.VIBRATE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE