940797d4a9188c9f1227ca33357ce211_JaffaCakes118

General

Target

940797d4a9188c9f1227ca33357ce211_JaffaCakes118
Size

15.8MB
MD5

940797d4a9188c9f1227ca33357ce211
SHA1

56f69a15b51146f8ed52b4a5cfaef5b494c566bc
SHA256

09d36d6c42b16a405395f83f01ce69b2cc65192f22614db33c69b0fd3893a85b
SHA512

feff7f15b5e5f86c2b94a3a2736aa510b6dfc8cacc52dc82681c2ef454141d9e4f54ed360ca6bc25523fb5a81e6d0210a60f337b60d62056aa26b4a9fae277c8
SSDEEP

393216:IRQcoZ7gPrXUuRsY3VSGP2qHyXvXe8tniSJ9F08g4:IRQcW7KwujSGP2qSvhnjM8g4

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 14 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

940797d4a9188c9f1227ca33357ce211_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:x86

com.ganqianwang.ganqianwang

com.qihoo.util.StartActivity

Activities

com.mob.tools.MobUIShell

android.intent.action.VIEW
com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.ganqianwang.ganqianwang.ui.SplashActivity

android.intent.action.MAIN

com.qihoo.util.StartActivity

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.INTERNET
android.permission.GET_TASKS
android.permission.REORDER_TASKS
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.WRITE_SETTINGS
android.permission.MANAGE_ACCOUNTS
android.permission.CHANGE_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.CAMERA
android.permission.CALL_PHONE
android.permission.RECORD_AUDIO
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.READ_PHONE_STATE

Receivers

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.ganqianwang.ganqianwang.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

Services

com.umeng.message.UmengService

com.ganqianwang.ganqianwang.intent.action.START
com.ganqianwang.ganqianwang.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2

Android Permissions

940797d4a9188c9f1227ca33357ce211_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.VIBRATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.INTERNET

android.permission.GET_TASKS

android.permission.REORDER_TASKS

android.permission.READ_LOGS

android.permission.WAKE_LOCK

android.permission.WRITE_SETTINGS

android.permission.MANAGE_ACCOUNTS

android.permission.CHANGE_WIFI_STATE

android.permission.GET_ACCOUNTS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.CAMERA

android.permission.CALL_PHONE

android.permission.RECORD_AUDIO

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.SEND_SMS

android.permission.READ_CONTACTS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.READ_PHONE_STATE

Sharing

General

Malware Config

Signatures

Files

com.ganqianwang.ganqianwang

com.qihoo.util.StartActivity

Activities

com.mob.tools.MobUIShell

com.ganqianwang.ganqianwang.ui.SplashActivity

com.qihoo.util.StartActivity

Permissions

Receivers

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

Services

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

Android Permissions

940797d4a9188c9f1227ca33357ce211_JaffaCakes118