7e53bf190a4ad5e043e735b45cddbc18_JaffaCakes118

General

Target

7e53bf190a4ad5e043e735b45cddbc18_JaffaCakes118
Size

28.6MB
MD5

7e53bf190a4ad5e043e735b45cddbc18
SHA1

81712a60a6ab5bbb7cc6a6b4836a71d9897cc94e
SHA256

d332d55d0617e10acf257b64947a306b97fd2f4a12fb295132f87de8d7c2ce92
SHA512

fb5872a1e4c66b8c097b99d5c2b3a6a8e8e536576a0fac46fa65cc2c8c8537c99344303a1f20eb9e755184bc14f8672efef80396988ee77d521ee0df6491da09
SSDEEP

786432:y0klW0h+0kRXcc9gXPQA7e12Rcrj9vuR2:yNlWHjXf9gX97eycrxvj

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 10 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx
sample	patched_upx

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx
sample	upx

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

7e53bf190a4ad5e043e735b45cddbc18_JaffaCakes118
.apk android arch:arm arch:x86

com.servertradeapp

com.servertradeapp.MainActivity

Activities

com.servertradeapp.MainActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.RECORD_AUDIO

Services
amap_resource1_0_0.png
.apk android

com.example.amapsdkv2

com.amap.api.maps.offlinemap.OfflineMapActivity

Activities

com.amap.api.maps.offlinemap.OfflineMapActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE

Android Permissions

7e53bf190a4ad5e043e735b45cddbc18_JaffaCakes118

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_NETWORK_STATE

com.android.launcher.permission.READ_SETTINGS

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.CAMERA

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.RECORD_AUDIO

Sharing

General

Malware Config

Signatures

Files

com.servertradeapp

com.servertradeapp.MainActivity

Activities

com.servertradeapp.MainActivity

com.tencent.tauth.AuthActivity

Permissions

Services

com.example.amapsdkv2

com.amap.api.maps.offlinemap.OfflineMapActivity

Activities

com.amap.api.maps.offlinemap.OfflineMapActivity

Permissions

Android Permissions

7e53bf190a4ad5e043e735b45cddbc18_JaffaCakes118