91d21198e5e8fb2d3453302bce057cc0_JaffaCakes118

General

Target

91d21198e5e8fb2d3453302bce057cc0_JaffaCakes118
Size

13.0MB
MD5

91d21198e5e8fb2d3453302bce057cc0
SHA1

e6d7d3ff6aecbcb3361cbb2f65bf9ccb280d531a
SHA256

06a48b0fe4de04a0ef269f8b8a882bf81d37db4b50a3165b82286fbe13886f9d
SHA512

62685767061b2ab884ec266f9608e277935bdbb5fcb2a5c41e389afea09f9206e29bc9284716af23432ad6570294bbf41ce40ae042140e367db37ec00880ca21
SSDEEP

393216:tSB5C87HHOxMF7jL9vqIqqMPHavlMVNKPMAVnGlqPZQM7JAwd9r78iAjM8GBk1b:EhTF7FvqPzPMUK1VnGlc2Pwf7uvTb

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

91d21198e5e8fb2d3453302bce057cc0_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.richba.linkwin

com.qihoo.util.StartActivity

Activities

.ui.activity.WelcomeActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.qihoo.util.StartActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

.wbapi.WBShareActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

Permissions

android.permission.RECORD_AUDIO
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_WIFI_STATE
android.permission.EXPAND_STATUS_BAR
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS

Services

.service_broadcast.DaemonService

com.richba.linkwin.daemon.DaemonService

Android Permissions

91d21198e5e8fb2d3453302bce057cc0_JaffaCakes118

Permissions

android.permission.RECORD_AUDIO

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_WIFI_STATE

android.permission.EXPAND_STATUS_BAR

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.GET_TASKS

Sharing

General

Malware Config

Signatures

Files

com.richba.linkwin

com.qihoo.util.StartActivity

Activities

.ui.activity.WelcomeActivity

com.qihoo.util.StartActivity

com.tencent.tauth.AuthActivity

.wbapi.WBShareActivity

Permissions

Services

.service_broadcast.DaemonService

Android Permissions

91d21198e5e8fb2d3453302bce057cc0_JaffaCakes118