8b2f55392458900f4ed613cf686d9961_JaffaCakes118

General

Target

8b2f55392458900f4ed613cf686d9961_JaffaCakes118
Size

5.8MB
MD5

8b2f55392458900f4ed613cf686d9961
SHA1

9dedba1c1eafc3b4d6502ea792251c5ded80c394
SHA256

173406e5565cf49c1bf5fc09d3b4f42a08c5a4637e887fbfc2e3afe2d5d44fdc
SHA512

5fb1017242b33ac8459cccf1e9fc271cb800f37693184d3c50b8ce1b8e9369b4161b57dc962621b782112e11722abfb6f1d058cedfd6396e74fc026fbf03e40d
SSDEEP

98304:9e8DIj0B63up5I3MLuoDjn5nBZBQU6FTRerk0ec5SGjU+Z7Ri68zETJzZc+eDByJ:950EpK2uoD9BgFegvcZtR8wtzS+et9re

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers.	android.permission.BIND_WALLPAPER

Requests dangerous framework permissions 3 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

8b2f55392458900f4ed613cf686d9961_JaffaCakes118
.apk android

com.cootek.smartinputv5.skin.keyboard_theme_gold_dragon

com.cootek.smartinputv5.skin.dummy.PluginAgent

Activities

com.cootek.smartinputv5.skin.dummy.PluginAgent

com.cootek.smartinput.intent.action.PLUGIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.cootek.smartinputv5.skin.dummy.func.ReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.cootek.usage.UsageAlarmReceiver

com.cootek.usage.alarm_operation

com.cootek.tark.ads.utility.AppInstallReceiver

android.intent.action.PACKAGE_ADDED
com.cootek.tark.ads.utility.ACTION_INSTALL_AD_CLICKED

com.cootek.smartinputv5.skin.dummy.ThemeInstallReceiver

android.intent.action.PACKAGE_ADDED

com.yandex.metrica.MetricaEventHandler

com.android.vending.INSTALL_REFERRER

com.cootek.tark.ads.utility.SSPReceiver

com.cootek.tark.ads.utility.ACTION_SEND_SSP
com.cootek.tark.ads.utility.ACTION_CHECK_GP_LAUNCH

Services

com.cootek.smartinputv5.skin.dummy.wallpaper.TouchPalWallPaperService

android.service.wallpaper.WallpaperService

com.cootek.smartinputv5.skin.dummy.commercial.CommercialService

com.cootek.smartinput5.skin.PRELOAD_ACTION

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

Android Permissions

8b2f55392458900f4ed613cf686d9961_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

Sharing

General

Malware Config

Signatures

Files

com.cootek.smartinputv5.skin.keyboard_theme_gold_dragon

com.cootek.smartinputv5.skin.dummy.PluginAgent

Activities

com.cootek.smartinputv5.skin.dummy.PluginAgent

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.cootek.smartinputv5.skin.dummy.func.ReferrerReceiver

com.cootek.usage.UsageAlarmReceiver

com.cootek.tark.ads.utility.AppInstallReceiver

com.cootek.smartinputv5.skin.dummy.ThemeInstallReceiver

com.yandex.metrica.MetricaEventHandler

com.cootek.tark.ads.utility.SSPReceiver

Services

com.cootek.smartinputv5.skin.dummy.wallpaper.TouchPalWallPaperService

com.cootek.smartinputv5.skin.dummy.commercial.CommercialService

com.yandex.metrica.MetricaService

Android Permissions

8b2f55392458900f4ed613cf686d9961_JaffaCakes118