74bed2613c739c327dc63b4558820a1f_JaffaCakes118

General

Target

74bed2613c739c327dc63b4558820a1f_JaffaCakes118
Size

8.0MB
MD5

74bed2613c739c327dc63b4558820a1f
SHA1

e6fede77fac35df30b3e5c36bb3f88e539eef3e6
SHA256

338c5eb5401569184a17bd6daefefcbda42e523c936f69ad2e6d0a9b6204e725
SHA512

e4f57ee3afb888be62bd9a9b2d2ef5cd98a649462535a342f9c699e0e28223f90813ed80716c1b5bc19a6ef4463a63e3a7bafd425a64632e8e10487b0f9a0c2c
SSDEEP

196608:kactrDyeEqrBazMl14x0dAvQTO3Vdpa7SE0qdB3CpWbJljt4BZy0WcJFhie:kaSrmeEqrwC64ONaWF2B3CpWbB4BZy07

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

74bed2613c739c327dc63b4558820a1f_JaffaCakes118
.apk android arch:arm arch:x86

com.sapp.GUANYUNCANGYINSI

com.qihoo.util.StartActivity

Activities

com.sapp.hidelauncher.AppLockActivity

android.intent.action.MAIN

com.qihoo.util.StartActivity

android.intent.action.MAIN

com.sapp.hidelauncher.IntroActivity

android.intent.action.MAIN

com.sapp.hidelauncher.HideLauncher

android.intent.action.MAIN

com.sapp.hidelauncher.ClearDefaultLauncher

android.intent.action.MAIN

com.sapp.hidelauncher.WantHideDialog

android.intent.action.MAIN

Permissions

android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.VIBRATE
android.permission.GET_ACCOUNTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.ibingo.launcher.permission.READ_SETTINGS
com.ibingo.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.bbk.launcher2.permission.WRITE_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.android.mylauncher.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.ztemt.launcher.permission.READ_SETTINGS
com.ztemt.launcher.permission.WRITE_SETTINGS
com.aliyun.homeshell.permission.READ_SETTINGS
com.aliyun.homeshell.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.google.android.launcher.permission.READ_SETTINGS
com.huaqin.thememgr.permission.READ_SETTINGS
com.bird.moto.launcher.permission.READ_SETTINGS
com.bird.htc4.launcher.permission.READ_SETTINGS
com.bird.htc4.launcher.permission.WRITE_SETTINGS
com.bird.moto.launcher.permission.WRITE_SETTINGS
com.bird.samsung4.launcher.permission.WRITE_SETTINGS
com.bird.samsung4.launcher.permission.READ_SETTINGS
com.huaqin.launcherEx.permission.READ_SETTINGS
com.huaqin.launcherEx.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
com.snda.launcher.permission.READ_SETTINGS
com.snda.launcher.permission.WRITE_SETTINGS
com.gau.go.permission.READ_SETTINGS
telecom.mdesk.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
telecom.mdesk.permission.READ_SETTINGS
com.sec.android.app.twlauncher.permission.READ_SETTINGS
com.android.ContactWidget.permission.WRITE_SETTINGS
com.zte.appwidget.contact.permission.READ_SETTINGS
com.android.ContactWidget.permission.READ_SETTINGS
com.zte.appwidget.contact.permission.WRITE_SETTINGS
com.zte.mobile.Zte3DLauncher.permission.READ_SETTINGS
com.zte.mobile.Zte3DLauncher.permission.WRITE_SETTINGS
com.motorola.mmsp.motoswitch.permission.READ_SETTINGS
com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS
com.amazon.dcp.settings.permission.READ_SETTINGS
com.baidu.home.permission.READ_SETTINGS
com.baidu.home.permission.WRITE_SETTINGS
com.bird.vlauncher.permission.WRITE_SETTINGS
com.bird.vlauncher.permission.READ_SETTINGS
com.zte.mobile.ZteLauncher3D.permission.WRITE_SETTINGS
com.zte.mobile.ZteLauncher3D.permission.READ_SETTINGS
com.lewa.launcher.permission.WRITE_SETTINGS
com.lewa.launcher.permission.READ_SETTINGS
com.qihoo360.home.permission.READ_SETTINGS
com.qihoo360.home.permission.WRITE_SETTINGS
com.kingsun.launcher.permission.READ_SETTINGS
com.kingsun.launcher.permission.WRITE_SETTINGS
com.zoodles.kidmode.permission.WRITE_SETTINGS
com.zoodles.kidmode.permission.READ_SETTINGS
com.sapp.GUANYUNCANGYINSI.permission.READ_SETTINGS
com.sapp.GUANYUNCANGYINSI.permission.WRITE_SETTINGS
com.sapp.GUANYUNCANGYINSI.permission.RECEIVE_LAUNCH_BROADCASTS
android.permission.READ_PHONE_STATE
android.permission.BATTERY_STATS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_PACKAGE_SIZE
android.permission.BROADCAST_STICKY
android.permission.SYSTEM_ALERT_WINDOW
android.permission.REORDER_TASKS
android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_SETTINGS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_WEATHERCLOCK_PROVIDER
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION
android.permission.CALL_PHONE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.YXXD201405281234090668WUa2FeV4su.android.permission.SERVICE
com.YXXD201405281234090668WUa2FeV4su.android.permission.CLIENT
com.YXXD201405281234090668WUa2FeV4su.android.permission.VOTE

Receivers

com.sapp.GUANYUNCANGYINSI.PreloadReceiver

com.sapp.GUANYUNCANGYINSI.action.PRELOAD_WORKSPACE

com.sapp.GUANYUNCANGYINSI.InstallShortcutReceiver

com.android.launcher.action.INSTALL_SHORTCUT

com.sapp.GUANYUNCANGYINSI.UninstallShortcutReceiver

com.android.launcher.action.UNINSTALL_SHORTCUT

com.sapp.GUANYUNCANGYINSI.UserInitializeReceiver

android.intent.action.USER_INITIALIZE

com.sapp.GUANYUNCANGYINSI.PackageChangedReceiver

android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.tgx.pullsdk.AutoConsultReceiver

com.YXXD201312101228520683S9GMyBqg6E.android.intent.action.BROADCAST_VOTE

com.tgx.pullsdk.StaticReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.sapp.hidelauncher.lock.LockScreenUserPresentReciver

android.intent.action.USER_PRESENT

com.tgx.pullsdk.AutoConsultReceiver

com.YXXD201405281234090668WUa2FeV4su.android.intent.action.BROADCAST_VOTE

com.tgx.pullsdk.StaticReceiver

android.net.conn.CONNECTIVITY_CHANGE

Services

com.tgx.pullsdk.ProtectService

com.YXXD201312101228520683S9GMyBqg6E.android.intent.action.SHARED_SERVICE

com.tgx.pullsdk.ProtectService

com.YXXD201405281234090668WUa2FeV4su.android.intent.action.SHARED_SERVICE

com.sapp.hidelauncher.notif.NotificationAccessibilityListener

android.accessibilityservice.AccessibilityService

com.sapp.hidelauncher.notif.NotificationListener

android.service.notification.NotificationListenerService

com.sapp.hidelauncher.builtinwidget.weather.WeatherUpdateService

com.sapp.hidelauncher.ACTION_UPDATE_WEATHER

Android Permissions

74bed2613c739c327dc63b4558820a1f_JaffaCakes118

Permissions

android.permission.SET_WALLPAPER

android.permission.SET_WALLPAPER_HINTS

android.permission.VIBRATE

android.permission.GET_ACCOUNTS

android.permission.READ_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

com.ibingo.launcher.permission.READ_SETTINGS

com.ibingo.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.bbk.launcher2.permission.WRITE_SETTINGS

com.bbk.launcher2.permission.READ_SETTINGS

com.android.mylauncher.permission.READ_SETTINGS

com.android.mylauncher.permission.WRITE_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.WRITE_SETTINGS

com.ztemt.launcher.permission.READ_SETTINGS

com.ztemt.launcher.permission.WRITE_SETTINGS

com.aliyun.homeshell.permission.READ_SETTINGS

com.aliyun.homeshell.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.WRITE_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.google.android.launcher.permission.READ_SETTINGS

com.huaqin.thememgr.permission.READ_SETTINGS

com.bird.moto.launcher.permission.READ_SETTINGS

com.bird.htc4.launcher.permission.READ_SETTINGS

com.bird.htc4.launcher.permission.WRITE_SETTINGS

com.bird.moto.launcher.permission.WRITE_SETTINGS

com.bird.samsung4.launcher.permission.WRITE_SETTINGS

com.bird.samsung4.launcher.permission.READ_SETTINGS

com.huaqin.launcherEx.permission.READ_SETTINGS

com.huaqin.launcherEx.permission.WRITE_SETTINGS

com.lenovo.launcher.permission.WRITE_SETTINGS

com.lenovo.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adw.launcher_donut.permission.READ_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.tencent.qqlauncher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.sapp.GUANYUNCANGYINSI

com.qihoo.util.StartActivity

Activities

com.sapp.hidelauncher.AppLockActivity

com.qihoo.util.StartActivity

com.sapp.hidelauncher.IntroActivity

com.sapp.hidelauncher.HideLauncher

com.sapp.hidelauncher.ClearDefaultLauncher

com.sapp.hidelauncher.WantHideDialog

Permissions

Receivers

com.sapp.GUANYUNCANGYINSI.PreloadReceiver

com.sapp.GUANYUNCANGYINSI.InstallShortcutReceiver

com.sapp.GUANYUNCANGYINSI.UninstallShortcutReceiver

com.sapp.GUANYUNCANGYINSI.UserInitializeReceiver

com.sapp.GUANYUNCANGYINSI.PackageChangedReceiver

com.tgx.pullsdk.AutoConsultReceiver

com.tgx.pullsdk.StaticReceiver

com.sapp.hidelauncher.lock.LockScreenUserPresentReciver

com.tgx.pullsdk.AutoConsultReceiver

com.tgx.pullsdk.StaticReceiver

Services

com.tgx.pullsdk.ProtectService

com.tgx.pullsdk.ProtectService

com.sapp.hidelauncher.notif.NotificationAccessibilityListener

com.sapp.hidelauncher.notif.NotificationListener

com.sapp.hidelauncher.builtinwidget.weather.WeatherUpdateService

Android Permissions

74bed2613c739c327dc63b4558820a1f_JaffaCakes118