aaa99daa48a2a8f2409583c23338a070_JaffaCakes118

General

Target

aaa99daa48a2a8f2409583c23338a070_JaffaCakes118
Size

7.5MB
MD5

aaa99daa48a2a8f2409583c23338a070
SHA1

d5ebe0450ab99a719d0500129567ed476fd9a8f9
SHA256

e872d562d5d18903154bb855f50e2b0bfa2e42f062a097e904767ef16c50a05f
SHA512

ea1cd4ad6d9adaf3223ac3001c4012618e42bb5e625d9cee91cdf59b4d1a617ef5ff4efd17b2345daec78d698e5d30bf75702298eab015a76dc0f2517c03e9d9
SSDEEP

196608:nGV4M8PxLBr7zfHQFPj8FB6s4QsN7WBTVaWLXg5za:GexLtwFPQ74QsN7WBTVaWLXg5e

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows an application to add voicemails into the system.	com.android.voicemail.permission.ADD_VOICEMAIL
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

aaa99daa48a2a8f2409583c23338a070_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:x86

com.keramidas.TitaniumBackup

.MainActivity

Activities

.MainActivity

android.intent.action.MAIN

.MyWidgetConfigure

android.appwidget.action.APPWIDGET_CONFIGURE

.MyDataProfileWidgetConfigure

android.appwidget.action.APPWIDGET_CONFIGURE

.ImportBackupActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

.cloud.OAuth2ResponseHandler

android.intent.action.VIEW

com.dropbox.core.android.AuthActivity

android.intent.action.VIEW

.apiBackupRestore.DummyActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_MEDIA_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.READ_PHONE_STATE
android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.ACCESS_NETWORK_STATE
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
com.android.voicemail.permission.ADD_VOICEMAIL
com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_SUPERUSER
android.permission.BROADCAST_SMS
android.permission.BROADCAST_WAP_PUSH

Receivers

.MyWidget

android.appwidget.action.APPWIDGET_UPDATE

.MyDataProfileWidget

android.appwidget.action.APPWIDGET_UPDATE

.schedules.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE
android.intent.action.EXTERNAL_APPLICATIONS_UNAVAILABLE
android.intent.action.PACKAGE_REPLACED

.PackageEventsReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_CHANGED

o.dj

com.keramidas.intent.action.SCHEDULE_NEXT_WAKE_UP

.apiBackupRestore.DummyReceiver

android.provider.Telephony.SMS_DELIVER

.apiBackupRestore.DummyReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

Services

.apiBackupRestore.DummyService

android.intent.action.RESPOND_VIA_MESSAGE
MarketUpdateHelper.apk
.apk android

com.keramidas.MarketUpdateHelper

Android Permissions

aaa99daa48a2a8f2409583c23338a070_JaffaCakes118

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_MEDIA_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.READ_PHONE_STATE

android.permission.GET_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.ACCESS_NETWORK_STATE

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

com.android.voicemail.permission.ADD_VOICEMAIL

com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_SUPERUSER

android.permission.BROADCAST_SMS

android.permission.BROADCAST_WAP_PUSH

Sharing

General

Malware Config

Signatures

Files

com.keramidas.TitaniumBackup

.MainActivity

Activities

.MainActivity

.MyWidgetConfigure

.MyDataProfileWidgetConfigure

.ImportBackupActivity

.cloud.OAuth2ResponseHandler

com.dropbox.core.android.AuthActivity

.apiBackupRestore.DummyActivity

Permissions

Receivers

.MyWidget

.MyDataProfileWidget

.schedules.BootReceiver

.PackageEventsReceiver

o.dj

.apiBackupRestore.DummyReceiver

.apiBackupRestore.DummyReceiver

Services

.apiBackupRestore.DummyService

com.keramidas.MarketUpdateHelper

Android Permissions

aaa99daa48a2a8f2409583c23338a070_JaffaCakes118