b1b059a54df974421c3ec37fd58f0836_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b1b059a54df974421c3ec37fd58f0836_JaffaCakes118
Size

6.0MB
MD5

b1b059a54df974421c3ec37fd58f0836
SHA1

2f3f9ccfeb7c336f13b227b4364c7e3b62d8481c
SHA256

6616d2345c094906a22d15cd0dc6bed654742a1794d13eb81ac124431bd22261
SHA512

447e8ffa3e2ac7900a9392fb999856f18b0fb8a78c3c898f08d8920fa9af0d5accfff76d7237edee782f6c22ebbddb581a806833c15b04d77f149316c93ef505
SSDEEP

98304:bnxRnoT33x9EpzTi1MRzugFixpfa2NkcMCbO4L1A2h79eVolIZbO8COySuhz3+Cq:tRnorEzKMR6gFOJkFCVD79eVoobOJSkK

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

b1b059a54df974421c3ec37fd58f0836_JaffaCakes118
.apk android arch:arm arch:x86

com.zhongli.pay

com.qihoo.util.StartActivity

Activities

com.zhongli.pay.guider.SwitchActivity

android.intent.action.MAIN

com.zhongli.pay.main.SplashActivity

android.intent.action.MAIN

com.qihoo.util.StartActivity

android.intent.action.MAIN

.main.CellBankCenter

android.intent.action.MAIN

.main.login.LoginActivity

android.intent.action.MAIN

.main.login.RegisterActivity

android.intent.action.MAIN

.user.activity.SetPayPwd

android.intent.action.MAIN

.user.business.TransferAccounts

com.buybal.pay.bankBusiness.TransferAccounts
android.intent.action.MAIN

.user.business.WithDrawActivity

com.buybal.pay.bankBusiness.WithDrawActivity
android.intent.action.MAIN

.user.business.SelectBankActivity

android.intent.action.MAIN

.user.business.SelectProvince

android.intent.action.MAIN

.user.business.SelectRegion

android.intent.action.MAIN

.user.business.SelectCity

android.intent.action.MAIN

.user.business.SelectBank

android.intent.action.MAIN

.user.business.SelectSubBank

android.intent.action.MAIN

.user.activity.UserFundInquiry

android.intent.action.MAIN

.user.activity.UserInqueryResult

android.intent.action.MAIN

.user.activity.UserInqueryDetail

android.intent.action.MAIN

.user.business.AuthenticationCenter

android.intent.action.MAIN

.user.business.SelectAreaInfo

android.intent.action.MAIN

.user.business.SelectBankInfo

android.intent.action.MAIN

.main.UserCenter

android.intent.action.MAIN

.mpos.RecordMPosUser

android.intent.action.MAIN

.main.AccountServiceCenter

android.intent.action.MAIN

.user.activity.AuthMobile

android.intent.action.MAIN

.user.activity.ForgetLoginPwd

android.intent.action.MAIN

.shoukuan.PosShouKuan

android.intent.action.MAIN

.shoukuan.SelectPos

android.intent.action.MAIN

.mpos.BluthPosActivity

android.intent.action.MAIN

.mpos.AtyDeviceList

android.intent.action.MAIN

.mpos.BindMposAcitivity

android.intent.action.MAIN

.mpos.MposDetail

android.intent.action.MAIN

.mpos.MposOrderDetail

android.intent.action.MAIN

.mpos.MposOrderDetailResult

android.intent.action.MAIN

.user.business.BankCardsDetails

android.intent.action.MAIN

.bbpos.WisePadActivity

android.intent.action.MAIN

.bbpos.EmvSwipeActivity

android.intent.action.MAIN

.shoukuan.WritePadActivity

android.intent.action.MAIN

.shoukuan.PosTransResult

android.intent.action.MAIN

.main.SilkBank

android.intent.action.MAIN

.licai.CurrentFinancing

android.intent.action.MAIN

.licai.Inamt

android.intent.action.MAIN

.licai.Outamt

android.intent.action.MAIN

.licai.Redeem

android.intent.action.MAIN

.licai.Purchase

android.intent.action.MAIN

.zhongchou.ZhongchouActivity

android.intent.action.MAIN

.adapter.ZhongchouListAdapter

android.intent.action.MAIN

.zhongchou.ZhongchouInfo

android.intent.action.MAIN

.zhongchou.ZhongchouMessage

android.intent.action.MAIN

.zhongchou.ZhongchouPurchase

android.intent.action.MAIN

.refund.PcardRefund

android.intent.action.MAIN

.refund.Shanghudaifu

android.intent.action.MAIN

.refund.RefundActivity

android.intent.action.MAIN

.refund.DaifaActivity

android.intent.action.MAIN

.refund.RefundTime

android.intent.action.MAIN

.refund.DaifaTime

android.intent.action.MAIN

.user.activity.WukaPay

android.intent.action.MAIN

com.zhongli.pay.wukapay.QRMainActivity

android.intent.action.MAIN

com.zhongli.pay.wukapay.QRimg

android.intent.action.MAIN

com.zhongli.pay.wukapay.QrOrderDetailResult

android.intent.action.MAIN

com.zhongli.pay.wukapay.WeChatOrderDetailResult

android.intent.action.MAIN

com.zhongli.pay.wukapay.FenrunMainActivity

android.intent.action.MAIN

com.zhongli.pay.wukapay.ChoosePayType

android.intent.action.MAIN

com.zhongli.pay.wukapay.SelectQR

android.intent.action.MAIN

com.zhongli.pay.wukapay.BindingQROrderDetail

android.intent.action.MAIN

com.zhongli.pay.wukapay.QueryFeerate

android.intent.action.MAIN

com.zhongli.pay.richscan.MipcaActivityCapture

android.intent.action.MAIN

com.zhongli.pay.richscan.MainActivity

android.intent.action.MAIN

com.zhongli.pay.richscan.WebViewActivty

android.intent.action.MAIN

com.org.lmw.tools.qr.ScanActivity

android.intent.action.MAIN

com.org.lmw.tools.qr.AboutActivity

android.intent.action.MAIN

com.org.lmw.tools.qr.LogerActivity

android.intent.action.MAIN

com.zhongli.pay.wukapay.QueryfenrunDetailResult

android.intent.action.MAIN

com.zhongli.pay.user.activity.PosService

android.intent.action.MAIN

com.zhongli.pay.share.WXEntryActivity

android.intent.action.MAIN

com.zhongli.pay.share.ShareMainActivity

android.intent.action.MAIN

com.zhongli.pay.share.SharePopupWindow

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.ACCESS_WIFI_STATE
android.permission.RUN_INSTRUMENTATION
android.permission.READ_PHONE_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.RECORD_AUDIO
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.CAMERA
android.permission.READ_CONTACTS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_COARSE_LOCATION
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.FLASHLIGHT

Receivers

com.qihoo.util.CommonReceiver

com.qihoo.commonreceiver.ARRIVED
com.qihoo.commonreceiver.CLEARED

Services

com.qihoo.util.CommonService

com.qihoo.commonservice.SERVICE

Android Permissions

b1b059a54df974421c3ec37fd58f0836_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.ACCESS_WIFI_STATE

android.permission.RUN_INSTRUMENTATION

android.permission.READ_PHONE_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.RECORD_AUDIO

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.GET_TASKS

android.permission.CAMERA

android.permission.READ_CONTACTS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.ACCESS_COARSE_LOCATION

android.permission.VIBRATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RESTART_PACKAGES

android.permission.FLASHLIGHT

Sharing

General

Malware Config

Signatures

Files

com.zhongli.pay

com.qihoo.util.StartActivity

Activities

com.zhongli.pay.guider.SwitchActivity

com.zhongli.pay.main.SplashActivity

com.qihoo.util.StartActivity

.main.CellBankCenter

.main.login.LoginActivity

.main.login.RegisterActivity

.user.activity.SetPayPwd

.user.business.TransferAccounts

.user.business.WithDrawActivity

.user.business.SelectBankActivity

.user.business.SelectProvince

.user.business.SelectRegion

.user.business.SelectCity

.user.business.SelectBank

.user.business.SelectSubBank

.user.activity.UserFundInquiry

.user.activity.UserInqueryResult

.user.activity.UserInqueryDetail

.user.business.AuthenticationCenter

.user.business.SelectAreaInfo

.user.business.SelectBankInfo

.main.UserCenter

.mpos.RecordMPosUser

.main.AccountServiceCenter

.user.activity.AuthMobile

.user.activity.ForgetLoginPwd

.shoukuan.PosShouKuan

.shoukuan.SelectPos

.mpos.BluthPosActivity

.mpos.AtyDeviceList

.mpos.BindMposAcitivity

.mpos.MposDetail

.mpos.MposOrderDetail

.mpos.MposOrderDetailResult

.user.business.BankCardsDetails

.bbpos.WisePadActivity

.bbpos.EmvSwipeActivity

.shoukuan.WritePadActivity

.shoukuan.PosTransResult

.main.SilkBank

.licai.CurrentFinancing

.licai.Inamt

.licai.Outamt

.licai.Redeem

.licai.Purchase

.zhongchou.ZhongchouActivity

.adapter.ZhongchouListAdapter

.zhongchou.ZhongchouInfo

.zhongchou.ZhongchouMessage

.zhongchou.ZhongchouPurchase

.refund.PcardRefund

.refund.Shanghudaifu

.refund.RefundActivity

.refund.DaifaActivity

.refund.RefundTime

.refund.DaifaTime

.user.activity.WukaPay

com.zhongli.pay.wukapay.QRMainActivity

com.zhongli.pay.wukapay.QRimg

com.zhongli.pay.wukapay.QrOrderDetailResult

com.zhongli.pay.wukapay.WeChatOrderDetailResult

com.zhongli.pay.wukapay.FenrunMainActivity

com.zhongli.pay.wukapay.ChoosePayType

com.zhongli.pay.wukapay.SelectQR

com.zhongli.pay.wukapay.BindingQROrderDetail

com.zhongli.pay.wukapay.QueryFeerate

com.zhongli.pay.richscan.MipcaActivityCapture

com.zhongli.pay.richscan.MainActivity

com.zhongli.pay.richscan.WebViewActivty

com.org.lmw.tools.qr.ScanActivity

com.org.lmw.tools.qr.AboutActivity

com.org.lmw.tools.qr.LogerActivity