b3f5cc483a857de53c0eccd014123de6_JaffaCakes118

General

Target

b3f5cc483a857de53c0eccd014123de6_JaffaCakes118
Size

642KB
MD5

b3f5cc483a857de53c0eccd014123de6
SHA1

1d88d346925fd5ca661ac86582424fafd16282d7
SHA256

c324f4e844510a30318edadb14d9f93a252beb399f3df4eef4767df9ece5280e
SHA512

58ea6bea57b5ec155cd3d7eee134ca9c666a07ff9db58e710e68d6fcecfc11505a14586d2e79d900b80c9c803b1d6d1ad972ff36f73a809f8fda4c68ed71c386
SSDEEP

12288:wgnxqjTMfq9C9KPLGdWfBmipkN2YCwRBanoRL4Bqz1n:wOx3fq91GWfyN2YCnoJ44hn

Score

6^/10

Malware Config

Signatures

Declares broadcast receivers with permission to handle system events 1 IoCs

description	ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features.	android.permission.BIND_DEVICE_ADMIN

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

b3f5cc483a857de53c0eccd014123de6_JaffaCakes118
.apk android

tecnology.angs.knockr

tecnology.angs.knockr.ikirasaidthatyouaresbof88u0ms4nlln9cwdea6gt9u1eng7a5r49hejcjjgsnx6688cqkfj4unw4l6516rpuoz7xv961pk1bq05r44ktgnccdqwnxyvyg1s2sgp5dj4yzs97k9f78fssm5cdhx0fik61gnfwcved531vmx1lchnbzfej17i0hla50fr39mpudgvjx3c8wcam4lyepath06zmn93isr0nte704u7e4j6kpqy9pqamsb8shpuwke64ngg1u6jd4mnvdu9d51d7f3wxobf3ah4gz6zet49h236dsyt17sg1lhwafk8tk4r0128wmqay4j4tm4ii0gywyk57u1ow3az0xolby0h2ffxyib94rmak6cjw3963i2prtigeh0s56cyn3ny3lstswuzobq37ggujv59ztr4ggrnm23irnizes3etq0wzmgbn82esobcai9en2pud4a65i5omfly8n5zc2u9nnnevfcmjrht74outp1qcl2op6krwjzacgu6jdkp2siekt7b60shadxh8vplms0vlpwlkjg21tsgqed213espyprkencsyhe92uj81i46idwyzrh6nylwfxxhecyn9wa27qys2a9ai8njrvydagt605erjwbjstxtrlpkqbv6hhlru8wdpxbruvj7hbcoqrrafgps85fm23nxfeq0if2y2ntkvnwe8a69tcvsq99dx4q9nvu0eyw2v0lndvyygvlila4tc8t8qkq4o7n7zkrccha8n3dnk2eufbc69liz4ijpnxjdzak3qmb3c93qpf00zhf4muqery3dqjy9057k4w2z3hzi1gttwsbyljv9byac3m9oq6k3owyrlqy9pp80uaxyb7cceh1xvowdselwl4d4h3x8wpofg03eyekfqn9e8995vv6a03rwejurqzjsezsknlycxft1cuqtll7k2ehu15j3d28xc7wrlcwsnum4c1r3nlmyxizs0xyjzg6lxrc8x7tmkzmydbptpybtr0ng0x0cqqrktn09sp3kbuptm8

Activities

tecnology.angs.knockr.ikirasaidthatyouaresbof88u0ms4nlln9cwdea6gt9u1eng7a5r49hejcjjgsnx6688cqkfj4unw4l6516rpuoz7xv961pk1bq05r44ktgnccdqwnxyvyg1s2sgp5dj4yzs97k9f78fssm5cdhx0fik61gnfwcved531vmx1lchnbzfej17i0hla50fr39mpudgvjx3c8wcam4lyepath06zmn93isr0nte704u7e4j6kpqy9pqamsb8shpuwke64ngg1u6jd4mnvdu9d51d7f3wxobf3ah4gz6zet49h236dsyt17sg1lhwafk8tk4r0128wmqay4j4tm4ii0gywyk57u1ow3az0xolby0h2ffxyib94rmak6cjw3963i2prtigeh0s56cyn3ny3lstswuzobq37ggujv59ztr4ggrnm23irnizes3etq0wzmgbn82esobcai9en2pud4a65i5omfly8n5zc2u9nnnevfcmjrht74outp1qcl2op6krwjzacgu6jdkp2siekt7b60shadxh8vplms0vlpwlkjg21tsgqed213espyprkencsyhe92uj81i46idwyzrh6nylwfxxhecyn9wa27qys2a9ai8njrvydagt605erjwbjstxtrlpkqbv6hhlru8wdpxbruvj7hbcoqrrafgps85fm23nxfeq0if2y2ntkvnwe8a69tcvsq99dx4q9nvu0eyw2v0lndvyygvlila4tc8t8qkq4o7n7zkrccha8n3dnk2eufbc69liz4ijpnxjdzak3qmb3c93qpf00zhf4muqery3dqjy9057k4w2z3hzi1gttwsbyljv9byac3m9oq6k3owyrlqy9pp80uaxyb7cceh1xvowdselwl4d4h3x8wpofg03eyekfqn9e8995vv6a03rwejurqzjsezsknlycxft1cuqtll7k2ehu15j3d28xc7wrlcwsnum4c1r3nlmyxizs0xyjzg6lxrc8x7tmkzmydbptpybtr0ng0x0cqqrktn09sp3kbuptm8

android.intent.action.MAIN

tecnology.angs.knockr.tasker.EditActivity

com.twofortyfouram.locale.intent.action.EDIT_SETTING

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
com.android.vending.BILLING

Receivers

tecnology.angs.knockr.tasker.FireReceiver

com.twofortyfouram.locale.intent.action.FIRE_SETTING

tecnology.angs.knockr.MyAdmin

android.app.action.DEVICE_ADMIN_ENABLED

tecnology.angs.knockr.BootStart

android.intent.action.BOOT_COMPLETED

Services

Android Permissions

b3f5cc483a857de53c0eccd014123de6_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

com.android.vending.BILLING

Sharing

General

Malware Config

Signatures

Files

tecnology.angs.knockr

Activities

tecnology.angs.knockr.tasker.EditActivity

Permissions

Receivers

tecnology.angs.knockr.tasker.FireReceiver

tecnology.angs.knockr.MyAdmin

tecnology.angs.knockr.BootStart

Services

Android Permissions

b3f5cc483a857de53c0eccd014123de6_JaffaCakes118