404ec8858925be31a1d577002d062779_JaffaCakes118

General

Target

404ec8858925be31a1d577002d062779_JaffaCakes118
Size

6.2MB
MD5

404ec8858925be31a1d577002d062779
SHA1

4b9186977023f67b8cdc2fd7c2f40af4f07687ac
SHA256

6277578c47082fcf0fcb809ba7380c23a48d1701870a71ed47d1d8b8912adc5c
SHA512

a86cf366688a97aca99aef02a74bcdf7f9134c0be77c1acc04e3405b33fbcf8414169e155360ed05e84bc5429a8470a3e291c3f984c5e3d79283ad26017c61d0
SSDEEP

98304:T28hkUQr7dlcGRXVec2JWu3+PFFruph4FfMae7pl1z1mb1vMHDBebRFKkt2Z/jLz:MrfbuoXQxmRMHDRk0nQDzs

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

404ec8858925be31a1d577002d062779_JaffaCakes118
.apk android arch:arm

com.rhmsoft.fm

com.rhmsoft.fm.hd.SplashActivity

Activities

com.rhmsoft.fm.hd.SplashActivity

android.intent.action.MAIN

com.rhmsoft.fm.hd.FileManagerHD

android.intent.action.GET_CONTENT
android.intent.action.RINGTONE_PICKER

com.rhmsoft.fm.FileManager

android.intent.action.GET_CONTENT
android.intent.action.RINGTONE_PICKER

com.rhmsoft.fm.hd.ImageGallery

android.intent.action.VIEW

com.rhmsoft.fm.hd.TextEditor

android.intent.action.VIEW
android.intent.action.EDIT

com.rhmsoft.fm.hd.HtmlViewer

android.intent.action.VIEW

com.rhmsoft.fm.hd.FlashPlayer

android.intent.action.VIEW

com.rhmsoft.fm.hd.FileShortcutsLauncher

android.intent.action.CREATE_SHORTCUT

com.rhmsoft.fm.hd.ShortcutActivity

android.intent.action.VIEW
android.intent.action.VIEW

com.dropbox.client2.android.AuthActivity

android.intent.action.VIEW

com.rhmsoft.fm.snapshare.SnapShareActivity

android.intent.action.SEND
android.intent.action.SEND_MULTIPLE

com.mobvista.msdk.shell.MVActivity

android.intent.action.CREATE_SHORTCUT

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.ACCESS_SUPERUSER
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.GET_TASKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW

Receivers

com.rhmsoft.fm.hd.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

com.cleanmaster.fm.receiver.ConnectivityChangeBroadcastReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.cleanmaster.fm.receiver.NetworkChangedBroadcastReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.google.analytics.tracking.android.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.cleanmaster.fm.receiver.ScreenUnlockReceiver

android.intent.action.USER_PRESENT

com.cleanmaster.fm.receiver.PackageInstallReceiver

android.intent.action.PACKAGE_ADDED

com.cmcm.orion.utils.internal.AppInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

Services

com.cleanmaster.fm.service.CrashReportService

com.cleanmaster.crash.report
com.cleanmaster.crash.report_crashinfo

Android Permissions

404ec8858925be31a1d577002d062779_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.ACCESS_SUPERUSER

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.GET_TASKS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.SYSTEM_ALERT_WINDOW

Sharing

General

Malware Config

Signatures

Files

com.rhmsoft.fm

com.rhmsoft.fm.hd.SplashActivity

Activities

com.rhmsoft.fm.hd.SplashActivity

com.rhmsoft.fm.hd.FileManagerHD

com.rhmsoft.fm.FileManager

com.rhmsoft.fm.hd.ImageGallery

com.rhmsoft.fm.hd.TextEditor

com.rhmsoft.fm.hd.HtmlViewer

com.rhmsoft.fm.hd.FlashPlayer

com.rhmsoft.fm.hd.FileShortcutsLauncher

com.rhmsoft.fm.hd.ShortcutActivity

com.dropbox.client2.android.AuthActivity

com.rhmsoft.fm.snapshare.SnapShareActivity

com.mobvista.msdk.shell.MVActivity

Permissions

Receivers

com.rhmsoft.fm.hd.BootBroadcastReceiver

com.cleanmaster.fm.receiver.ConnectivityChangeBroadcastReceiver

com.cleanmaster.fm.receiver.NetworkChangedBroadcastReceiver

com.google.analytics.tracking.android.CampaignTrackingReceiver

com.cleanmaster.fm.receiver.ScreenUnlockReceiver

com.cleanmaster.fm.receiver.PackageInstallReceiver

com.cmcm.orion.utils.internal.AppInstallReceiver

Services

com.cleanmaster.fm.service.CrashReportService

Android Permissions

404ec8858925be31a1d577002d062779_JaffaCakes118