a6351740fc692219a5018272488b1cc6_JaffaCakes118

General

Target

a6351740fc692219a5018272488b1cc6_JaffaCakes118
Size

26.5MB
MD5

a6351740fc692219a5018272488b1cc6
SHA1

351e08f5cf7dfb5d7405d8c8a79219540a38d65a
SHA256

8d7802032988146bc4769744db8c5c2038c6f3543ee6c69b265b7b8d156b788d
SHA512

9e99d8c52547c2b534709d63b2a58e5f94a71bf0e652a600ce8bd7f979b7dfc3cc75af5c8b78c018334651943cd6418b1fafb4202aaebad3e750322aa8393604
SSDEEP

786432:S2bcQuujCVwpTvzn1oy2sPjPuknn1aGobbYDkAotWW0gE3:aQuujW6T1b2sLvn1anYwRIH

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

a6351740fc692219a5018272488b1cc6_JaffaCakes118
.apk android arch:arm

com.chaoya.blts.egame

cn.egame.terminal.paysdk.EgameLaunchActivity

Activities

cn.egame.terminal.paysdk.EgameLaunchActivity

android.intent.action.MAIN

cn.egame.terminal.sdk.EgameCoreActivity

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_PACKAGE_SIZE
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.CALL_PHONE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS

Receivers

cn.egame.terminal.sdk.EgameCoreReceiver

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
cn.egame.terminal.sdk.RECEIVER_CMD

Services

cn.egame.terminal.sdk.EgameCoreService

cn.egame.terminal.sdk.SERVICE_CMD
rtk.apk
.apk android arch:arm

com.rtk.app

com.rtk.app.Welcome

Activities

com.rtk.app.Welcome

android.intent.action.MAIN

com.mob.tools.MobUIShell

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.FLASHLIGHT
android.permission.VIBRATE
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
getui.permission.GetuiService.com.rtk.app

Receivers

com.rtk.tools.BootReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.getui.demo.PushDemoReceiver

com.igexin.sdk.action.vqiYZJVob39RPgWvymrvq6

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.sdk.PushManagerReceiver

com.igexin.sdk.action.pushmanager

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.igexin.getuiext.service.PayloadReceiver

com.igexin.sdk.action.7fjUl2Z3LH6xYy7NQK4ni4
com.igexin.sdk.action.vqiYZJVob39RPgWvymrvq6

Services

Android Permissions

a6351740fc692219a5018272488b1cc6_JaffaCakes118

Permissions

android.permission.READ_PHONE_STATE

android.permission.SEND_SMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.CHANGE_NETWORK_STATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.GET_PACKAGE_SIZE

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.CALL_PHONE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.chaoya.blts.egame

cn.egame.terminal.paysdk.EgameLaunchActivity

Activities

cn.egame.terminal.paysdk.EgameLaunchActivity

cn.egame.terminal.sdk.EgameCoreActivity

Permissions

Receivers

cn.egame.terminal.sdk.EgameCoreReceiver

Services

cn.egame.terminal.sdk.EgameCoreService

com.rtk.app

com.rtk.app.Welcome

Activities

com.rtk.app.Welcome

com.mob.tools.MobUIShell

Permissions

Receivers

com.rtk.tools.BootReceiver

com.getui.demo.PushDemoReceiver

com.igexin.sdk.PushReceiver

com.igexin.sdk.PushManagerReceiver

com.igexin.download.DownloadReceiver

com.igexin.getuiext.service.PayloadReceiver

Services

Android Permissions

a6351740fc692219a5018272488b1cc6_JaffaCakes118