adf5fcec1af55d26260ec61f1518823c_JaffaCakes118

General

Target

adf5fcec1af55d26260ec61f1518823c_JaffaCakes118
Size

15.4MB
MD5

adf5fcec1af55d26260ec61f1518823c
SHA1

0252ac1dad91637aeb618cdabe67e464401a8232
SHA256

d20cbab9dc5c3c36a258979eb56c3bb611e9a1112c7233ee9fd8eb2928523be7
SHA512

c90ccc6b9ecf72df5243e4d511ba3c9e5b9a8dc19d7d90c2db81ac21847491e8c47b5076329ed78524f83407cc80b9690d855c1ab754fe7acc5d818fc3d4cecc
SSDEEP

393216:oZ3GR8FJcrJaBcV4Ec2poP0SXE8A8qjEpOlkFlo8MyN9oXzGBt:w3bJQJccVdpqXBA8qQpUkFloyWqBt

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 11 IoCs

description	ioc
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

adf5fcec1af55d26260ec61f1518823c_JaffaCakes118
.apk android arch:arm

com.yidian.gif

com.yidian.news.ui.guide.UserGuideActivity

Activities

com.yidian.news.ui.guide.UserGuideActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.MAIN

cn.jpush.android.ui.PushActivity

cn.jpush.android.ui.PushActivity

com.yidian.news.ui.lists.ContentListActivity

android.intent.action.VIEW

com.yidian.news.ui.content.NewsActivity

android.intent.action.VIEW

com.yidian.news.ui.content.DeepLinkRouterActivity

android.intent.action.VIEW

com.yidian.news.ui.publishjoke.JokePublishActivity

android.intent.action.VIEW

com.yidian.news.ui.novel.BookShelfActivity

android.intent.action.VIEW

com.yidian.news.ui.novel.BookInfoActivity

android.intent.action.VIEW

com.yidian.news.ui.payfm.CashierActivity

android.intent.action.VIEW

com.yidian.news.ui.payfm.PayFmAlbumDetailActivity

android.intent.action.VIEW

com.hipu.yidian.wxapi.WXPayEntryActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.xiaomi.account.openauth.AuthorizeActivity

com.xiaomi.account.openauth.action.AUTH

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.yidian.news.ui.ugc.view.impl.UGCActivity

android.intent.action.VIEW

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity1

com.intent.action.ACTION_STUB_PLUGIN

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity2

com.intent.action.ACTION_STUB_PLUGIN

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity3

com.intent.action.ACTION_STUB_PLUGIN

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity4

com.intent.action.ACTION_STUB_PLUGIN

Permissions

android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.INTERNET
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.BROADCAST_STICKY
android.permission.GET_TASKS
android.permission.REORDER_TASKS
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
com.xiaomi.permission.AUTH_SERVICE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_SMS
android.permission.READ_SMS
com.android.launcher.permission.READ_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WAKE_LOCK
android.permission.READ_LOGS
android.permission.CHANGE_CONFIGURATION
com.yidian.gif.permission.MIPUSH_RECEIVE
com.yidian.gif.permission.JPUSH_MESSAGE
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES

Receivers

cn.jpush.android.service.PushReceiver

cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.yidian.news.push.jpush.YdJPushMessageReceiver

cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION

com.yidian.news.HipuReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.DOWNLOAD_COMPLETE
com.hipu.yidian.TVLIVE_OPEN
com.hipu.yidian.TVLIVE_CLOSE

com.yidian.news.push.YdPushMessageReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.MESSAGE_ARRIVED
com.xiaomi.mipush.ERROR

com.xiaomi.push.service.receivers.NetworkStatusReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.xiaomi.push.service.receivers.PingReceiver

com.xiaomi.push.PING_TIMER

com.yidian.news.util.fetchnews.WakeReceiver

com.wake.gray
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.DATE_CHANGED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED
android.intent.action.USER_PRESENT
android.intent.action.SCREEN_OFF
android.intent.action.SCREEN_ON
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.yidian.news.widget.YidianAppWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.yidian.news.widget.AlarmManagerBroadcastReceiver

updateWidgetBroadcast

com.yidian.news.test.TestCmdReceiver

com.yidian.test

com.yidian.news.receiver.AppReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.yidian.gif.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

Services

com.yidian.gif.util.fetchnews.KeepAliveSyncService

android.content.SyncAdapter

com.yidian.gif.util.fetchnews.GenericAccountService

android.accounts.AccountAuthenticator

cn.jpush.android.service.DaemonService

cn.jpush.android.intent.DaemonService

com.yidian.news.util.NotifyService

com.yidian.ACTION_START_PREFETCH

cn.jpush.android.service.PushService

cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.XiaomiIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action

Android Permissions

adf5fcec1af55d26260ec61f1518823c_JaffaCakes118

Permissions

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.INTERNET

android.permission.CAMERA

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.BROADCAST_STICKY

android.permission.GET_TASKS

android.permission.REORDER_TASKS

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.WRITE_SYNC_SETTINGS

com.xiaomi.permission.AUTH_SERVICE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_CONTACTS

android.permission.ACCESS_FINE_LOCATION

android.permission.RECEIVE_SMS

android.permission.READ_SMS

com.android.launcher.permission.READ_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

android.permission.READ_LOGS

android.permission.CHANGE_CONFIGURATION

com.yidian.gif.permission.MIPUSH_RECEIVE

com.yidian.gif.permission.JPUSH_MESSAGE

android.permission.BROADCAST_PACKAGE_ADDED

android.permission.BROADCAST_PACKAGE_CHANGED

android.permission.BROADCAST_PACKAGE_INSTALL

android.permission.BROADCAST_PACKAGE_REPLACED

android.permission.RESTART_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.yidian.gif

com.yidian.news.ui.guide.UserGuideActivity

Activities

com.yidian.news.ui.guide.UserGuideActivity

cn.jpush.android.ui.PushActivity

com.yidian.news.ui.lists.ContentListActivity

com.yidian.news.ui.content.NewsActivity

com.yidian.news.ui.content.DeepLinkRouterActivity

com.yidian.news.ui.publishjoke.JokePublishActivity

com.yidian.news.ui.novel.BookShelfActivity

com.yidian.news.ui.novel.BookInfoActivity

com.yidian.news.ui.payfm.CashierActivity

com.yidian.news.ui.payfm.PayFmAlbumDetailActivity

com.hipu.yidian.wxapi.WXPayEntryActivity

com.xiaomi.account.openauth.AuthorizeActivity

com.tencent.tauth.AuthActivity

com.yidian.news.ui.ugc.view.impl.UGCActivity

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity1

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity2

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity3

com.yidian.frameworks.plugin.stub.p0.StubStandardActivity4

Permissions

Receivers

cn.jpush.android.service.PushReceiver

com.yidian.news.push.jpush.YdJPushMessageReceiver

com.yidian.news.HipuReceiver

com.yidian.news.push.YdPushMessageReceiver

com.xiaomi.push.service.receivers.NetworkStatusReceiver

com.xiaomi.push.service.receivers.PingReceiver

com.yidian.news.util.fetchnews.WakeReceiver

com.yidian.news.widget.YidianAppWidgetProvider

com.yidian.news.widget.AlarmManagerBroadcastReceiver

com.yidian.news.test.TestCmdReceiver

com.yidian.news.receiver.AppReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

Services

com.yidian.gif.util.fetchnews.KeepAliveSyncService

com.yidian.gif.util.fetchnews.GenericAccountService

cn.jpush.android.service.DaemonService

com.yidian.news.util.NotifyService

cn.jpush.android.service.PushService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.XiaomiIntentService

com.umeng.message.UmengMessageIntentReceiverService

com.umeng.message.UmengMessageCallbackHandlerService

Android Permissions

adf5fcec1af55d26260ec61f1518823c_JaffaCakes118