997599b3c729809e96245f3a5a098aef_JaffaCakes118

General

Target

997599b3c729809e96245f3a5a098aef_JaffaCakes118
Size

9.2MB
MD5

997599b3c729809e96245f3a5a098aef
SHA1

cc2f9d3dce3738c4e736a825b4a40c0d31d833c5
SHA256

d8f86faacdae0ee022820b3b432d0ec7599cf223953655fea678cbc94d5ce45c
SHA512

c7ca1db45b163a73a626d2f27cd4dc3f0f351eb30488ee9bd2e391673433b7ef5a64a4cc2e4811a906ea30896db3b6b22ce079a19dc8ecb53368b96a58792b62
SSDEEP

196608:PbRbOM2WrGdxQmSKOuNIRuuCbV5oINM1OflduOFTJkwj1Es:1baCQxQ/AsufxaKDrJzjJ

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION

Files

997599b3c729809e96245f3a5a098aef_JaffaCakes118
.apk android arch:arm

free.vpn.unblock.proxy.vpnmaster

com.quickdy.vpn.app.MainActivity

Activities

com.quickdy.vpn.app.MainActivity

android.intent.action.MAIN

com.quickdy.vpn.app.InviteFromFacebookActivity

android.intent.action.VIEW

com.mobvista.msdk.shell.MVActivity

android.intent.action.CREATE_SHORTCUT

Permissions

com.android.vending.BILLING
android.permission.GET_ACCOUNTS
com.google.android.gms.permission.ACTIVITY_RECOGNITION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RUN_INSTRUMENTATION
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RESTART_PACKAGES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
free.vpn.unblock.proxy.vpnmaster.permission.C2D_MESSAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES

Receivers

com.quickdy.vpn.receiver.BootCompleteReceiver

android.intent.action.BOOT_COMPLETED

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.ANALYTICS_DISPATCH

com.google.android.gms.analytics.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.quickdy.vpn.receiver.AppInstallReceiver

com.android.vending.INSTALL_REFERRER
android.intent.action.PACKAGE_ADDED

com.quickdy.vpn.receiver.WifiStatusChangedReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.duapps.ad.base.PackageAddReceiver

android.intent.action.PACKAGE_ADDED

co.allconnected.lib.vip.receiver.DuappsAdReceiver

com.duapps.ad.ACTION_INSTALL

co.allconnected.lib.ad.receiver.HomeAdBroadcastReceiver

android.intent.action.PACKAGE_ADDED

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

free.vpn.unblock.proxy.vpnmaster.Cache_ViewSomeReceiver

ACTION.TAPCORE.MESSAGE
ACTION.TAPCORE.SYNC
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

com.inmobi.commons.analytics.androidsdk.InMAdTrackerReceiver

com.android.vending.INSTALL_REFERRER
android.net.conn.CONNECTIVITY_CHANGE
com.inmobi.share.id

Services

co.allconnected.lib.openvpn.OpenVpnService

android.net.VpnService

com.quickdy.vpn.service.InitializeService

com.quickdy.vpn.service.action.INIT

com.quickdy.vpn.service.FirebasePushService

com.google.firebase.MESSAGING_EVENT

com.quickdy.vpn.service.FirebaseInstService

com.google.firebase.INSTANCE_ID_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

Android Permissions

997599b3c729809e96245f3a5a098aef_JaffaCakes118

Permissions

com.android.vending.BILLING

android.permission.GET_ACCOUNTS

com.google.android.gms.permission.ACTIVITY_RECOGNITION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RUN_INSTRUMENTATION

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RESTART_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

free.vpn.unblock.proxy.vpnmaster.permission.C2D_MESSAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

com.google.android.providers.gsf.permission.READ_GSERVICES

Sharing

General

Malware Config

Signatures

Files

free.vpn.unblock.proxy.vpnmaster

com.quickdy.vpn.app.MainActivity

Activities

com.quickdy.vpn.app.MainActivity

com.quickdy.vpn.app.InviteFromFacebookActivity

com.mobvista.msdk.shell.MVActivity

Permissions

Receivers

com.quickdy.vpn.receiver.BootCompleteReceiver

com.appsflyer.MultipleInstallBroadcastReceiver

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.CampaignTrackingReceiver

com.quickdy.vpn.receiver.AppInstallReceiver

com.quickdy.vpn.receiver.WifiStatusChangedReceiver

com.duapps.ad.base.PackageAddReceiver

co.allconnected.lib.vip.receiver.DuappsAdReceiver

co.allconnected.lib.ad.receiver.HomeAdBroadcastReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

free.vpn.unblock.proxy.vpnmaster.Cache_ViewSomeReceiver

com.inmobi.commons.analytics.androidsdk.InMAdTrackerReceiver

Services

co.allconnected.lib.openvpn.OpenVpnService

com.quickdy.vpn.service.InitializeService

com.quickdy.vpn.service.FirebasePushService

com.quickdy.vpn.service.FirebaseInstService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.yandex.metrica.MetricaService

Android Permissions

997599b3c729809e96245f3a5a098aef_JaffaCakes118