acafc34cddc12412cd4f5a2fbd3a551b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acafc34cddc12412cd4f5a2fbd3a551b_JaffaCakes118
Size

18.2MB
MD5

acafc34cddc12412cd4f5a2fbd3a551b
SHA1

e43382436c74f8965a92288b93f72b7fbecc6389
SHA256

3de40f63055b5f83c12fa64a626e0c762952bc92562bac42baa4075b10148568
SHA512

edb9f4a78d9a718e58a1d761d116e9a882c58183ba3cfa4486b0a84e9b96062b6fc8acbd5523fb6a034cf75187407cc5ecb87b13fabe8acfa7aaf2defb683dce
SSDEEP

393216:Pd2F7usSXFJMhJ4FThf3f5/glVgPDJZUf3f5/glVgPfGV4PztN6eD2XDQW75zhUO:0KFJMufCLKDJCfCLKfGV4rEsWEO

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by remote views services to bind with the system. Allows apps to share and display views across different processes.	android.permission.BIND_REMOTEVIEWS

Requests dangerous framework permissions 18 IoCs

description	ioc
Allows an application to write the user's calendar data.	android.permission.WRITE_CALENDAR
Allows an application to read the user's calendar data.	android.permission.READ_CALENDAR
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.	android.permission.PROCESS_OUTGOING_CALLS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS

Files

acafc34cddc12412cd4f5a2fbd3a551b_JaffaCakes118
.apk android arch:arm

com.dreamix.gov

com.dreamix.gov.InitActivity

Activities

com.groups.activity.SearchActivity

action.notify.huizhengyun.search

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.dreamix.gov.InitActivity

com.ikan.action.start.Login
com.ikan.action.start.Register
com.ikan.action.start.UserInfo
android.intent.action.MAIN
com.dreamix.gov.InitActivity

com.groups.activity.CreateTaskActvityNew

action.notify.huizhengyun.createjob

com.groups.activity.JobDetaiActivity

action.notify.huizhengyun.jobdetail

com.groups.activity.GroupListActivity

action.notify.huizhengyun.chatlist

com.groups.activity.ChatActivity

action.notify.huizhengyun.chat

com.groups.activity.FlowListActivity

action.notify.huizhengyun.flowlist

com.groups.activity.UserExecutionActivity

action.notify.user_execution

com.groups.activity.WidgetConfigActivity

android.appwidget.action.APPWIDGET_CONFIGURE

com.groups.activity.ManageJoinOrganizationActivity

action.notify.huizhengyun.applyjoin

com.groups.activity.AnnouncementListActivity

action.notify.huizhengyun.announcementlist

com.groups.activity.AnnouncementDetailActivity

action.notify.huizhengyun.announcement

com.groups.activity.ApplicationDetailActivity

action.notify.huizhengyun.application

com.groups.activity.TaskActivity

action.notify.huizhengyun.task_list

com.groups.activity.crm.CrmCustomerDetailActivity

action.notify.huizhengyun.customerdetail

com.groups.activity.crm.CrmCreateWorkRecordActivity

action.notify.huizhengyun.createworkrecord

com.groups.activity.crm.CrmWorkRecordDetailActivity

action.notify.huizhengyun.workrecord

com.groups.activity.HistoryFeedActivity

action.notify.huizhengyun.historyfeed

com.groups.activity.UserLogDetailActivity

action.notify.huizhengyun.userlog

com.groups.activity.GroupLogDetailActivity

action.notify.huizhengyun.grouplog

com.groups.activity.WebAppActivity

action.notify.huizhengyun.webappdetail

com.groups.activity.crm.CrmSalesOpportunityDetailActivity

action.notify.huizhengyun.saleOpportunity

com.groups.activity.crm.CrmSaleTargetDetailActivity

action.notify.huizhengyun.saleTarget

com.groups.activity.CompanyCheckInActivity

action.notify.huizhengyun.checkin

com.groups.activity.PrivateChatActivity

action.notify.huizhengyun.sslChat

com.groups.activity.ProjectDetailActivity

action.notify.huizhengyun.projectDetail

com.groups.activity.mail.MailListActivity

action.notify.huizhengyun.maillist

com.groups.activity.CreateExcelActivity

action.notify.huizhengyun.excelcreate

com.groups.activity.ExcelTableActivity

action.notify.huizhengyun.exceltable

com.groups.activity.ExcelDetailActivity

action.notify.huizhengyun.exceldetail

com.groups.activity.WorkTimeCountBoardActivity

action.notify.huizhengyun.workboard

com.groups.activity.CustomFlowDetailActivity

action.notify.huizhengyun.customflowdetail

com.groups.activity.CustomFlowListActivity

action.notify.huizhengyun.customflowlist

com.groups.activity.SmartCoverTabActivity

action.notify.huizhengyun.smartcovertab.chatlist

Permissions

android.permission.DISABLE_KEYGUARD
android.permission.RESTART_PACKAGES
android.permission.BLUETOOTH_ADMIN
android.permission.BLUETOOTH
android.permission.WAKE_LOCK
android.permission.INTERNET
android.permission.WRITE_CALENDAR
android.permission.READ_CALENDAR
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.RECORD_AUDIO
android.permission.VIBRATE
com.android.launadcher.permission.INSTALL_SHORTCUT
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.READ_CONTACTS
android.permission.GET_TASKS
android.permission.CALL_PHONE
com.dreamix.gov.lookle.permission.MAPS_RECEIVE
android.permission.ACCESS_FINE_LOCATION
com.google.android.providers.gsf.permission.READ_GSERVICES
android.permission.READ_LOGS
android.permission.PROCESS_OUTGOING_CALLS
com.dreamix.gov.permission.RECEIVE_MSG
com.dreamix.gov.permission.INCOMING_CALL
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.GET_TASKS
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.WRITE_CONTACTS

Receivers

com.yuntongxun.ecsdk.booter.CCPReceivers$ConnectionReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.yuntongxun.ecsdk.booter.CCPReceivers$BootReceiver

android.intent.action.BOOT_COMPLETED

com.cutecomm.cloudcc.CCHelperReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BOOT_COMPLETED

com.groups.net.NetWorkReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.groups.service.BootReceiver

android.intent.action.BOOT_COMPLETED

com.groups.widget.WidgetReceiver

com.groups.action.widget.widgetclick

com.groups.widget.WidgetBigProvider

android.appwidget.action.APPWIDGET_UPDATE
com.groups.action.widget.refresh

com.groups.widget.WidgetMidProvider

android.appwidget.action.APPWIDGET_UPDATE
com.groups.action.widget.refresh

com.groups.widget.WidgetSmallProvider

android.appwidget.action.APPWIDGET_UPDATE
com.groups.action.widget.refresh

com.groups.service.PhoneCallReceiver

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

Services
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

acafc34cddc12412cd4f5a2fbd3a551b_JaffaCakes118

Permissions

android.permission.DISABLE_KEYGUARD

android.permission.RESTART_PACKAGES

android.permission.BLUETOOTH_ADMIN

android.permission.BLUETOOTH

android.permission.WAKE_LOCK

android.permission.INTERNET

android.permission.WRITE_CALENDAR

android.permission.READ_CALENDAR

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.RECORD_AUDIO

android.permission.VIBRATE

com.android.launadcher.permission.INSTALL_SHORTCUT

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.CHANGE_WIFI_STATE

android.permission.READ_CONTACTS

android.permission.GET_TASKS

android.permission.CALL_PHONE

com.dreamix.gov.lookle.permission.MAPS_RECEIVE

android.permission.ACCESS_FINE_LOCATION

com.google.android.providers.gsf.permission.READ_GSERVICES

android.permission.READ_LOGS

android.permission.PROCESS_OUTGOING_CALLS

com.dreamix.gov.permission.RECEIVE_MSG

com.dreamix.gov.permission.INCOMING_CALL

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.GET_TASKS

android.permission.RECORD_AUDIO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WAKE_LOCK

android.permission.CAMERA

android.permission.WRITE_CONTACTS

Sharing

General

Malware Config

Signatures

Files

com.dreamix.gov

com.dreamix.gov.InitActivity

Activities

com.groups.activity.SearchActivity

com.tencent.tauth.AuthActivity

com.dreamix.gov.InitActivity

com.groups.activity.CreateTaskActvityNew

com.groups.activity.JobDetaiActivity

com.groups.activity.GroupListActivity

com.groups.activity.ChatActivity

com.groups.activity.FlowListActivity

com.groups.activity.UserExecutionActivity

com.groups.activity.WidgetConfigActivity

com.groups.activity.ManageJoinOrganizationActivity

com.groups.activity.AnnouncementListActivity

com.groups.activity.AnnouncementDetailActivity

com.groups.activity.ApplicationDetailActivity

com.groups.activity.TaskActivity

com.groups.activity.crm.CrmCustomerDetailActivity

com.groups.activity.crm.CrmCreateWorkRecordActivity

com.groups.activity.crm.CrmWorkRecordDetailActivity

com.groups.activity.HistoryFeedActivity

com.groups.activity.UserLogDetailActivity

com.groups.activity.GroupLogDetailActivity

com.groups.activity.WebAppActivity

com.groups.activity.crm.CrmSalesOpportunityDetailActivity

com.groups.activity.crm.CrmSaleTargetDetailActivity

com.groups.activity.CompanyCheckInActivity

com.groups.activity.PrivateChatActivity

com.groups.activity.ProjectDetailActivity

com.groups.activity.mail.MailListActivity

com.groups.activity.CreateExcelActivity

com.groups.activity.ExcelTableActivity

com.groups.activity.ExcelDetailActivity

com.groups.activity.WorkTimeCountBoardActivity

com.groups.activity.CustomFlowDetailActivity

com.groups.activity.CustomFlowListActivity

com.groups.activity.SmartCoverTabActivity

Permissions

Receivers

com.yuntongxun.ecsdk.booter.CCPReceivers$ConnectionReceiver

com.yuntongxun.ecsdk.booter.CCPReceivers$BootReceiver

com.cutecomm.cloudcc.CCHelperReceiver

com.groups.net.NetWorkReceiver

com.groups.service.BootReceiver

com.groups.widget.WidgetReceiver

com.groups.widget.WidgetBigProvider

com.groups.widget.WidgetMidProvider

com.groups.widget.WidgetSmallProvider

com.groups.service.PhoneCallReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

acafc34cddc12412cd4f5a2fbd3a551b_JaffaCakes118