a86c4620064df65b29056f4dd28bc762_JaffaCakes118

General

Target

a86c4620064df65b29056f4dd28bc762_JaffaCakes118
Size

14.2MB
MD5

a86c4620064df65b29056f4dd28bc762
SHA1

8711a74026b6524f87ecaf44c6a9aee320faf685
SHA256

5efd0bd013f31c0852621053965330aec3819ddb9915a39988bbeded91f3faf4
SHA512

e6944fb5e7de52a9df3c79b43b379ab593600e2055b3b0ab63d955729e5ad5cd8515f017953cadcb16c0646a4b637df96ddf5d42ba6772adc29b6986c59f87df
SSDEEP

393216:JIJEaTeX5ij1V1o6t1wV576sYAozEBxn2t:YTe8JVK6AjBYAr8t

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 13 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG

Files

a86c4620064df65b29056f4dd28bc762_JaffaCakes118
.apk android arch:arm

com.ddfun

com.ddfun.activity.Welcome

Activities

com.ddfun.activity.Welcome

android.intent.action.MAIN
android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.LOCAL_MAC_ADDRESS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_LOGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.PACKAGE_USAGE_STATS
android.permission.RECEIVE_SMS
android.permission.RESTART_PACKAGES
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.BATTERY_STATS
android.permission.READ_CONTACTS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.READ_CALL_LOG
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.REQUEST_DELETE_PACKAGES

Receivers

com.ddfun.broadcast.AppInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_RESTARTED

com.ddfun.broadcast.BootCompletedReceiver

android.intent.action.BOOT_COMPLETED

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.action.7fjUl2Z3LH6xYy7NQK4ni4
com.igexin.sdk.action.5KeSwOjrtv5CG5QuTC2qI8

com.ddfun.broadcast.PushBroadcastReceiver

com.igexin.sdk.action.5KeSwOjrtv5CG5QuTC2qI8

com.ddfun.broadcast.WifiChangeReceiver

android.net.wifi.supplicant.CONNECTION_CHANGE

com.ddfun.broadcast.NetworkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.android.main.service.PackageReceiver

android.intent.action.PACKAGE_ADDED

com.dtkingmak.pub.service.AppReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
global.action.broadcast.service.check

com.zy.phone.service.BootReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.uniplay.adsdk.PackageReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

sdf.sd.eads.CNJ

android.intent.action.PACKAGE_ADDED

com.mdad.sdk.mduisdk.CompleteReceiver

android.intent.action.DOWNLOAD_COMPLETE
android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

Services

com.ddfun.service.DdfunService

com.ddfun.lockscreenservice

com.ddfun.service.MyNotificationListener

android.service.notification.NotificationListenerService

com.ddfun.service.MyAidlService

com.ddfun.service.MyAidlService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote

com.mdad.sdk.mduisdk.monitor.DetectionService

android.accessibilityservice.AccessibilityService
bdxadsdk.jar
.apk android

Android Permissions

a86c4620064df65b29056f4dd28bc762_JaffaCakes118

Permissions

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.DISABLE_KEYGUARD

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.LOCAL_MAC_ADDRESS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_LOGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_PHONE_STATE

android.permission.GET_TASKS

android.permission.PACKAGE_USAGE_STATS

android.permission.RECEIVE_SMS

android.permission.RESTART_PACKAGES

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.BATTERY_STATS

android.permission.READ_CONTACTS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.READ_CALL_LOG

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.REQUEST_DELETE_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.ddfun

com.ddfun.activity.Welcome

Activities

com.ddfun.activity.Welcome

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.ddfun.broadcast.AppInstallReceiver

com.ddfun.broadcast.BootCompletedReceiver

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.download.DownloadReceiver

com.igexin.getuiext.service.PayloadReceiver

com.ddfun.broadcast.PushBroadcastReceiver

com.ddfun.broadcast.WifiChangeReceiver

com.ddfun.broadcast.NetworkChangeReceiver

com.android.main.service.PackageReceiver

com.dtkingmak.pub.service.AppReceiver

com.zy.phone.service.BootReceiver

com.uniplay.adsdk.PackageReceiver

sdf.sd.eads.CNJ

com.mdad.sdk.mduisdk.CompleteReceiver

Services

com.ddfun.service.DdfunService

com.ddfun.service.MyNotificationListener

com.ddfun.service.MyAidlService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.mdad.sdk.mduisdk.monitor.DetectionService

Android Permissions

a86c4620064df65b29056f4dd28bc762_JaffaCakes118