8cc5e88347c4bb08c5f265c509277775_JaffaCakes118

General

Target

8cc5e88347c4bb08c5f265c509277775_JaffaCakes118
Size

22.1MB
MD5

8cc5e88347c4bb08c5f265c509277775
SHA1

0b5cabe518d463749f6b010318d079edc158cf35
SHA256

eb79f86d335199d0a7ab5963efa45b6e237b60607b546d9d55c23b825c70dc50
SHA512

19fe01793ec610b3c4057bca01b39d512627d9f6dfd073b155214ef9b311c3622beb7a686ddcba1a319f9b46f43ee7737f84ba7dd3aabb88df788bbfa982b7a0
SSDEEP

393216:s8bRdb/btkIJMCL2CPNvGeRVqyc2Dpe7FOJwjUc2FRDxi2JJvODCEHpYf:sydb/btkIJ9fxGeLqYY7njSFRDxpJYDu

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

8cc5e88347c4bb08c5f265c509277775_JaffaCakes118
.apk android arch:arm

com.lixiangdong.textscanner

com.baidu.ocr.demo.activity.SplashActivity

Activities

com.baidu.ocr.demo.activity.SplashActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.sina.weibo.sdk.share.WbShareToStoryActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_STORY

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.lixiangdong.textscanner.permission.JPUSH_MESSAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
com.lixiangdong.textscanner.permission.C2D_MESSAGE

Receivers

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

jiguang.chat.MyService

cn.jiguang.user.service.action

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

com.talkingdata.sdk.TDAntiCheatingService

com.talkingdata.sdk.TDAntiCheatingService

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote

Android Permissions

8cc5e88347c4bb08c5f265c509277775_JaffaCakes118

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.CAMERA

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

com.lixiangdong.textscanner.permission.JPUSH_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.google.android.c2dm.permission.RECEIVE

com.lixiangdong.textscanner.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.lixiangdong.textscanner

com.baidu.ocr.demo.activity.SplashActivity

Activities

com.baidu.ocr.demo.activity.SplashActivity

com.tencent.tauth.AuthActivity

com.sina.weibo.sdk.share.WbShareTransActivity

com.sina.weibo.sdk.share.WbShareToStoryActivity

Permissions

Receivers

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

cn.jpush.android.service.PushReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.evernote.android.job.gcm.PlatformGcmService

jiguang.chat.MyService

cn.jpush.android.service.DaemonService

com.talkingdata.sdk.TDAntiCheatingService

com.google.firebase.iid.FirebaseInstanceIdService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

Android Permissions

8cc5e88347c4bb08c5f265c509277775_JaffaCakes118