365345fb7701be5b0f2240315d4dd396_JaffaCakes118

General

Target

365345fb7701be5b0f2240315d4dd396_JaffaCakes118
Size

9.4MB
MD5

365345fb7701be5b0f2240315d4dd396
SHA1

aa1ce2f1895be39cc9243f65717bb0c6ec72f1e6
SHA256

a29907b4810ea17393592480579ea2f15cb285f57def289078eb9f492a01f241
SHA512

529ebe53e6bb6dcf90d97f07b2235b2ac205d320b692dfb887afc443eb46621ee00f47a83603a1f9dd2c0a9c2c611b4b9ba3159db2fd59ab9ae101f998e26781
SSDEEP

196608:06n1Yi1bk0UTzVfGqLn6L3Ev6X9EEaZgSuZO9z:BKkk0Bqj6L3EVGZO1

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 4 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by quick settings tile services to bind with the system. Allows apps to add custom tiles to the quick settings menu.	android.permission.BIND_QUICK_SETTINGS_TILE
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

365345fb7701be5b0f2240315d4dd396_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.fb.fluid

com.fb.fluid.ui.ActivitySettings

Activities

com.fb.fluid.PauseFNGActivity

com.twofortyfouram.locale.intent.action.EDIT_SETTING

com.fb.fluid.ResumeFNGActivity

com.twofortyfouram.locale.intent.action.EDIT_SETTING

com.fb.fluid.ui.ActivitySettings

android.intent.action.MAIN
android.service.quicksettings.action.QS_TILE_PREFERENCES

Permissions

android.permission.KILL_BACKGROUND_PROCESSES
android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
android.permission.WRITE_SECURE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.CALL_PHONE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_NETWORK_STATE
com.android.vending.BILLING
android.permission.INTERNET

Receivers

com.fb.fluid.BootReceiver

android.intent.action.BOOT_COMPLETED

com.joaomgcd.taskerpluginlibrary.action.BroadcastReceiverAction

com.twofortyfouram.locale.intent.action.FIRE_SETTING

com.joaomgcd.taskerpluginlibrary.condition.BroadcastReceiverCondition

com.twofortyfouram.locale.intent.action.QUERY_CONDITION

Services

com.fb.fluid.MainAccessibilityService

android.accessibilityservice.AccessibilityService

com.fb.fluid.CapacitiveKeysService

android.accessibilityservice.AccessibilityService

com.fb.fluid.services.MyTileService

android.service.quicksettings.action.QS_TILE

com.fb.fluid.ServiceNotificationListener

android.service.notification.NotificationListenerService

com.joaomgcd.taskerpluginlibrary.action.IntentServiceAction

com.twofortyfouram.locale.intent.action.FIRE_SETTING

com.joaomgcd.taskerpluginlibrary.condition.IntentServiceCondition

com.twofortyfouram.locale.intent.action.QUERY_CONDITION

Android Permissions

365345fb7701be5b0f2240315d4dd396_JaffaCakes118

Permissions

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.BIND_NOTIFICATION_LISTENER_SERVICE

android.permission.WRITE_SECURE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.CALL_PHONE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_NETWORK_STATE

com.android.vending.BILLING

android.permission.INTERNET

Sharing

General

Malware Config

Signatures

Files

com.fb.fluid

com.fb.fluid.ui.ActivitySettings

Activities

com.fb.fluid.PauseFNGActivity

com.fb.fluid.ResumeFNGActivity

com.fb.fluid.ui.ActivitySettings

Permissions

Receivers

com.fb.fluid.BootReceiver

com.joaomgcd.taskerpluginlibrary.action.BroadcastReceiverAction

com.joaomgcd.taskerpluginlibrary.condition.BroadcastReceiverCondition

Services

com.fb.fluid.MainAccessibilityService

com.fb.fluid.CapacitiveKeysService

com.fb.fluid.services.MyTileService

com.fb.fluid.ServiceNotificationListener

com.joaomgcd.taskerpluginlibrary.action.IntentServiceAction

com.joaomgcd.taskerpluginlibrary.condition.IntentServiceCondition

Android Permissions

365345fb7701be5b0f2240315d4dd396_JaffaCakes118