a51a8e0628b04f7d7ba07586aa9566db_JaffaCakes118

General

Target

a51a8e0628b04f7d7ba07586aa9566db_JaffaCakes118
Size

6.1MB
MD5

a51a8e0628b04f7d7ba07586aa9566db
SHA1

57174cffe361aa69eaa9895c1b1810e8690a16a9
SHA256

cb6be086fa5346c5d6ba3c252c5dd25bd46598ac712d7a85f67fc38d1b58a828
SHA512

0094c8d2ecc7517760c64ca241699df63d28472ad6309f2527d0de9c0e8b33d33b97cbdda932d620bb96983172f05f5ad1c04c26524ed1b791085c6c31a1ea3f
SSDEEP

98304:pKxOv5CPjg/v5X8DPsR1hE1xC92IvxoYwDQEojAh2BSjk3PW3Wn83:xCSB+w1hE1xMxNw8EI2gO3ic

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

a51a8e0628b04f7d7ba07586aa9566db_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.rhinocerosstory

com.rhinocerosstory.main.ui.Welcome

Activities

com.rhinocerosstory.main.ui.Welcome

android.intent.action.VIEW
android.intent.action.MAIN

com.rhinocerosstory.story.read.ui.ReadStory

android.intent.action.VIEW

com.rhinocerosstory.accountInfo.displayUserInfo.UserInfo

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.READ_LOGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.READ_SMS

Receivers

com.umeng.message.SystemReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.MessageReceiver

org.agoo.android.intent.action.RECEIVE

com.umeng.message.ElectionReceiver

org.agoo.android.intent.action.ELECTION_RESULT_V4

com.umeng.message.RegistrationReceiver

com.rhinocerosstory.intent.action.COMMAND

com.umeng.message.UmengMessageBootReceiver

android.intent.action.BOOT_COMPLETED

Services

com.umeng.message.UmengService

com.rhinocerosstory.intent.action.START
com.rhinocerosstory.intent.action.COCKROACH
org.agoo.android.intent.action.PING_V4

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService
org.android.agoo.client.ElectionReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.unregistercallback.action
com.umeng.message.message.handler.action
com.umeng.message.autoupdate.handler.action

Android Permissions

a51a8e0628b04f7d7ba07586aa9566db_JaffaCakes118

Permissions

android.permission.READ_LOGS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

android.permission.WRITE_SETTINGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

android.permission.GET_ACCOUNTS

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.READ_SMS

Sharing

General

Malware Config

Signatures

Files

com.rhinocerosstory

com.rhinocerosstory.main.ui.Welcome

Activities

com.rhinocerosstory.main.ui.Welcome

com.rhinocerosstory.story.read.ui.ReadStory

com.rhinocerosstory.accountInfo.displayUserInfo.UserInfo

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.umeng.message.SystemReceiver

com.umeng.message.MessageReceiver

com.umeng.message.ElectionReceiver

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengMessageBootReceiver

Services

com.umeng.message.UmengService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

a51a8e0628b04f7d7ba07586aa9566db_JaffaCakes118