a6ea358408f738b43ba1b74b090823cf_JaffaCakes118

General

Target

a6ea358408f738b43ba1b74b090823cf_JaffaCakes118
Size

15.6MB
MD5

a6ea358408f738b43ba1b74b090823cf
SHA1

29a62d9d28416b3d607fdaa9cd3015c95272bf62
SHA256

14f93b5cc6c23e4b12ca135925299f84378fc59c2fbab34a60237ce9cb45ff96
SHA512

3ab0d356425a1697bf3eff302a2510b20c09b311001580911beb4ec0e09b58317861dfde0f9ee5d98defb1a25c097e5a4867461d6273e5c5f63a27de2f1a305f
SSDEEP

196608:AZq9UW3FaqO0XfHIcRGYnnV9KUKbGslx01E2NMWEChvJ6TzSBA1h8oSS5FSwX8ON:+o73NXgwGUg9WLBcTe+EoSkcg85MlDF

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

a6ea358408f738b43ba1b74b090823cf_JaffaCakes118
.apk android arch:arm

com.ciwong.afterclass

com.ciwong.epaper.ui.LoginActivity

Activities

com.ciwong.epaper.ui.LoginActivity

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.CAMERA
android.permission.ACCESS_WIFI_STATE
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.RECORD_AUDIO
android.permission.CHANGE_WIFI_STATE
android.permission.FLASHLIGHT
android.permission.ACCESS_GPS
android.permission.CALL_PHONE
org.simalliance.openmobileapi.SMARTCARD
android.permission.NFC
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
UPPayPluginEx.apk
.apk android arch:arm64 arch:arm arch:mips arch:x86

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

android.intent.action.Run
android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
org.simalliance.openmobileapi.SMARTCARD
com.tencent.mtt.extension.Player
android.webkit.permission.PLUGIN
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.NFC

Services

com.UCMobile.PayPlugin.PayPluginService

android.webkit.PLUGIN

com.unionpay.mobile.android.vipos.colorful.CSwiperCallStateService

.CALL_STATE

Android Permissions

a6ea358408f738b43ba1b74b090823cf_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.CAMERA

android.permission.ACCESS_WIFI_STATE

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.RECORD_AUDIO

android.permission.CHANGE_WIFI_STATE

android.permission.FLASHLIGHT

android.permission.ACCESS_GPS

android.permission.CALL_PHONE

org.simalliance.openmobileapi.SMARTCARD

android.permission.NFC

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.ciwong.afterclass

com.ciwong.epaper.ui.LoginActivity

Activities

com.ciwong.epaper.ui.LoginActivity

com.tencent.tauth.AuthActivity

Permissions

com.unionpay.uppay

com.unionpay.uppay.PayActivity

Activities

com.unionpay.uppay.PayActivity

Permissions

Services

com.UCMobile.PayPlugin.PayPluginService

com.unionpay.mobile.android.vipos.colorful.CSwiperCallStateService

Android Permissions

a6ea358408f738b43ba1b74b090823cf_JaffaCakes118