95d7b43bb203cccb6c556ec9f808e3a5_JaffaCakes118

General

Target

95d7b43bb203cccb6c556ec9f808e3a5_JaffaCakes118
Size

29.8MB
MD5

95d7b43bb203cccb6c556ec9f808e3a5
SHA1

fd2fe0d96464babad07b5d03f42b4694a280a0af
SHA256

512a8b424b79244152fc7a20d18baac239692aeca71554726c01a88580306353
SHA512

c1d48043c7390ec5c759c3c10722204b2e4397f933bc5bbeafd38c35fb89a71f87b183699076c275f705d65b79f6dc067b6002c0a2c9f390a58c8e2e33c9f637
SSDEEP

393216:xgtLFCpN3mIPNX/PsjhBkPrVi//T4Hf8ev5g4CLJmBKwp78+eltqSDeFwfToDCRc:OnQ3mIZETy8Qv5cxqWltqSDMDCRc

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

95d7b43bb203cccb6c556ec9f808e3a5_JaffaCakes118
.apk android arch:arm

com.sg.android.devil

.killdevils

Activities

.killdevils

android.intent.action.MAIN

Permissions

com.android.vending.BILLING
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.READ_LOGS
android.permission.ACCESS_WIFI_STATE
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.GET_TASKS
android.permission.ACCESS_FINE_LOCATION
android.permission.RESTART_PACKAGES
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

net.youmi.android.AdReceiver

android.intent.action.PACKAGE_ADDED

com.sg.android.google.BillingReceiver

com.android.vending.billing.IN_APP_NOTIFY
com.android.vending.billing.RESPONSE_CODE
com.android.vending.billing.PURCHASE_STATE_CHANGED

mm.sms.purchasesdk.sms.SMSReceiver

aspire.iap.SMS_SEND_ACTIOIN
aspire.iap.SMS_DELIVERED_ACTION

Services
alipay_plugin223_0309.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

95d7b43bb203cccb6c556ec9f808e3a5_JaffaCakes118

Permissions

com.android.vending.BILLING

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.READ_LOGS

android.permission.ACCESS_WIFI_STATE

android.permission.SEND_SMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.permission.GET_TASKS

android.permission.ACCESS_FINE_LOCATION

android.permission.RESTART_PACKAGES

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Sharing

General

Malware Config

Signatures

Files

com.sg.android.devil

.killdevils

Activities

.killdevils

Permissions

Receivers

net.youmi.android.AdReceiver

com.sg.android.google.BillingReceiver

mm.sms.purchasesdk.sms.SMSReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

95d7b43bb203cccb6c556ec9f808e3a5_JaffaCakes118