General

  • Target: b69dc7f64c5091325d81beaefa7c0f05_JaffaCakes118
  • Size: 12.2MB
  • MD5: b69dc7f64c5091325d81beaefa7c0f05
  • SHA1: 7d4dd6856c7669a01733de77abec7605dcdfd34a
  • SHA256: 904795e8b6f460dd1c3e26e7becfaaf6bdc6727af61c92c8fde4761fd49a090c
  • SHA512: 93eaa52cfca66b9beabef169fea91adf7a67093827b12b028e791f56e3c10a3f34889716b490beaceeb7b38579c1b346e7d1654fe2de590195a90142223725a3
  • SSDEEP: 196608:ta3mnY2EfyWoRfwvQXXgilmEPJ/qqH+UXLp4kGsI+wwhcGGLxQRgK2f39uD3CDmn:XnHTRfwO6EPJzH+UvfhWQRd2ftuDSyA0

Score
6/10

Malware Config

Signatures

  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (10 IoCs)

Files

  • b69dc7f64c5091325d81beaefa7c0f05_JaffaCakes118
    .apk android arch:arm

    com.justravel.flight

    com.justravel.flight.group.home.StartActivity


Android Permissions

b69dc7f64c5091325d81beaefa7c0f05_JaffaCakes118

Permissions

  • android.permission.CALL_PHONE
  • android.permission.WRITE_SETTINGS
  • android.permission.VIBRATE
  • android.permission.MOUNT_UNMOUNT_FILESYSTEMS
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.WAKE_LOCK
  • android.permission.RECEIVE_BOOT_COMPLETED
  • com.android.launcher.permission.READ_SETTINGS
  • android.permission.ACCESS_COARSE_LOCATION
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.READ_PHONE_STATE
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.INTERNET
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.CAMERA
  • android.permission.FLASHLIGHT
  • android.permission.READ_LOGS
  • android.permission.SET_DEBUG_APP
  • android.permission.GET_ACCOUNTS
  • android.permission.USE_CREDENTIALS
  • android.permission.MANAGE_ACCOUNTS
  • android.permission.GET_TASKS
  • android.permission.BLUETOOTH
  • android.permission.BLUETOOTH_ADMIN
  • android.permission.SYSTEM_ALERT_WINDOW
  • getui.permission.GetuiService.com.justravel.flight
  • android.permission.KILL_BACKGROUND_PROCESSES