1c235c4d46e2b3805c4d788c00f6a405_JaffaCakes118

General

Target

1c235c4d46e2b3805c4d788c00f6a405_JaffaCakes118
Size

19.0MB
MD5

1c235c4d46e2b3805c4d788c00f6a405
SHA1

a61e4a045343c6fe2e31a97a212466c69b20f5fe
SHA256

f156aecf2a2e52db58f9f3aeb21d5c84c795a4151a5d3f68c18a0a4a8478da58
SHA512

46cb8f367c9db98f60bd95eeaced6e03fb2ddccae0c96e0bd27690aaa3a64a158655486e549bb5bdd109f6d530ecaa779a0d73905c535e65ce45151f9fb5581e
SSDEEP

393216:laVMHiZ/oxldl+7WPrZ4/MEJhkr/McM3cGObnscAuxoaZDq/YiCl7:ioxp+yjZAJh8PHG9MTlqQl1

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS

Files

1c235c4d46e2b3805c4d788c00f6a405_JaffaCakes118
.apk android arch:arm arch:mips

com.dianwo.mrp

com.dianwo.mrp.app.start.StartActivity

Activities

com.dianwo.mrp.app.start.StartActivity

android.intent.action.MAIN

cn.bidaround.ytcore.activity.ShareActivity

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.dianwo.mrp.app.receiver.PushDialog

android.intent.action.AlertDialogs

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.DISABLE_KEYGUARD
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.WAKE_LOCK
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.READ_LOGS
android.permission.MOUNT_FORMAT_FILESYSTEMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_COARSE_UPDATES
android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED
android.permission.BAIDU_LOCATION_SERVICE
android.permission.ACCESS_GPS
android.permission.GET_TASKS

Receivers

com.dianwo.mrp.app.receiver.BaiduPushMessageReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE

com.dianwo.mrp.app.receiver.PushMessageReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.RECEIVE

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

com.dianwo.mrp.app.receiver.SMSReceiver

android.provider.Telephony.SMS_RECEIVED

com.dianwo.mrp.app.service.RestartService

ACTION.RESTART.PersistentService
android.intent.action.BOOT_COMPLETED

com.dianwo.mrp.app.receiver.LocaleChangedReceiver

android.intent.action.LOCALE_CHANGED

com.dianwo.mrp.app.receiver.DownloadReceiver

android.intent.action.DOWNLOAD_COMPLETE
android.intent.action.DOWNLOAD_NOTIFICATION_CLICKED

com.dianwo.mrp.app.receiver.ScreenReceiver

android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.PHONE_STATE

Services

com.baidu.android.pushservice.PushService

com.baidu.android.pushservice.action.PUSH_SERVICE
gdtad.jar
.apk android
plugin-deploy.jar
.apk android

Android Permissions

1c235c4d46e2b3805c4d788c00f6a405_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_MOCK_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.CAMERA

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.DISABLE_KEYGUARD

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.WAKE_LOCK

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.READ_LOGS

android.permission.MOUNT_FORMAT_FILESYSTEMS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_COARSE_UPDATES

android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED

android.permission.BAIDU_LOCATION_SERVICE

android.permission.ACCESS_GPS

android.permission.GET_TASKS

Sharing

General

Malware Config

Signatures

Files

com.dianwo.mrp

com.dianwo.mrp.app.start.StartActivity

Activities

com.dianwo.mrp.app.start.StartActivity

cn.bidaround.ytcore.activity.ShareActivity

com.tencent.tauth.AuthActivity

com.dianwo.mrp.app.receiver.PushDialog

Permissions

Receivers

com.dianwo.mrp.app.receiver.BaiduPushMessageReceiver

com.dianwo.mrp.app.receiver.PushMessageReceiver

com.baidu.android.pushservice.RegistrationReceiver

com.dianwo.mrp.app.receiver.SMSReceiver

com.dianwo.mrp.app.service.RestartService

com.dianwo.mrp.app.receiver.LocaleChangedReceiver

com.dianwo.mrp.app.receiver.DownloadReceiver

com.dianwo.mrp.app.receiver.ScreenReceiver

Services

com.baidu.android.pushservice.PushService

Android Permissions

1c235c4d46e2b3805c4d788c00f6a405_JaffaCakes118