bda227603c3d1256464e76cb6ec67a7c_JaffaCakes118

General

Target

bda227603c3d1256464e76cb6ec67a7c_JaffaCakes118
Size

4.2MB
MD5

bda227603c3d1256464e76cb6ec67a7c
SHA1

07da8b10a592540e1e21041fc641098e67ae2549
SHA256

50309adaf86b62e7f29a3f79d1636ba61b7a5f494f8e6ab9ee3d7ded82669199
SHA512

7909f40f2191f9ed2345febab2172477315c42a303f0c4cdc4afc3e833fa3722c38e8a9030e3e67365d3a10e036bddebd9ded15d73fe10f2db58f6ecb06656e6
SSDEEP

98304:pJVCd+ENhf3qPIck8lq8p01ZnqYZY5jzPwzIB:fVCd+EHadlq8p0v8l7s4

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

bda227603c3d1256464e76cb6ec67a7c_JaffaCakes118
.apk android arch:arm

com.lionmobi.powerclean

com.lionmobi.powerclean.activity.SplashActivity

Activities

com.lionmobi.powerclean.activity.SplashActivity

android.intent.action.MAIN

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.AnimationActivity

android.intent.action.MAIN

com.lionmobi.powerclean.activity.GameBoostShortcutActivity

android.intent.action.MAIN

com.lionmobi.powerclean.activity.CleanShortcutActivity

android.intent.action.MAIN

Permissions

com.lionmobi.powerclean.PowerBoost
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.RESTART_PACKAGES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CLEAR_APP_CACHE
android.permission.FLASHLIGHT
android.permission.VIBRATE
com.android.launcher.permission.READ_SETTINGS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.EXPAND_STATUS_BAR
android.permission.READ_PHONE_STATE
android.permission.PACKAGE_USAGE_STATS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
com.lionmobi.powerclean.permission.C2D_MESSAGE

Receivers

com.lionmobi.powerclean.widget.OneBoostWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.lionmobi.powerclean.widget.click

com.lionmobi.powerclean.widget.SpeedyWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.lionmobi.powerclean.widget.click

com.lionmobi.powerclean.broadcast.NotifiCanceReceiver

notif_cancelled

com.lionmobi.powerclean.broadcast.InstallRefererReceiver

com.android.vending.INSTALL_REFERRER

com.lionmobi.powerclean.broadcast.ServiceMonitor

android.intent.action.BOOT_COMPLETED
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.STATE_CHANGE
android.intent.action.PACKAGE_RESTARTED
android.intent.action.PACKAGE_REPLACED

com.lionmobi.powerclean.broadcast.BootServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.wifi.WIFI_STATE_CHANGED
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.net.wifi.STATE_CHANGE
android.intent.action.PACKAGE_RESTARTED
android.intent.action.PACKAGE_REPLACED

com.lionmobi.powerclean.broadcast.BootLockServiceReceiver

android.intent.action.BOOT_COMPLETED

com.lionmobi.powerclean.broadcast.LockServiceMonitor

android.intent.action.USER_PRESENT

com.lionmobi.powerclean.broadcast.UpdataBroadcastReceiver

android.intent.action.DOWNLOAD_COMPLETE

com.google.ads.conversiontracking.InstallReceiver

com.android.vending.INSTALL_REFERRER

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

Services

com.lionmobi.powerclean.service.NotificationMonitorService

android.service.notification.NotificationListenerService

com.lionmobi.powerclean.service.accessibility.PowerAccessibilityService

android.accessibilityservice.AccessibilityService

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

Android Permissions

bda227603c3d1256464e76cb6ec67a7c_JaffaCakes118

Permissions

com.lionmobi.powerclean.PowerBoost

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.RESTART_PACKAGES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_PACKAGE_SIZE

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CLEAR_APP_CACHE

android.permission.FLASHLIGHT

android.permission.VIBRATE

com.android.launcher.permission.READ_SETTINGS

android.permission.CAMERA

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.EXPAND_STATUS_BAR

android.permission.READ_PHONE_STATE

android.permission.PACKAGE_USAGE_STATS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

com.lionmobi.powerclean.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.lionmobi.powerclean

com.lionmobi.powerclean.activity.SplashActivity

Activities

com.lionmobi.powerclean.activity.SplashActivity

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.AnimationActivity

com.lionmobi.powerclean.activity.GameBoostShortcutActivity

com.lionmobi.powerclean.activity.CleanShortcutActivity

Permissions

Receivers

com.lionmobi.powerclean.widget.OneBoostWidgetProvider

com.lionmobi.powerclean.widget.SpeedyWidgetProvider

com.lionmobi.powerclean.broadcast.NotifiCanceReceiver

com.lionmobi.powerclean.broadcast.InstallRefererReceiver

com.lionmobi.powerclean.broadcast.ServiceMonitor

com.lionmobi.powerclean.broadcast.BootServiceReceiver

com.lionmobi.powerclean.broadcast.BootLockServiceReceiver

com.lionmobi.powerclean.broadcast.LockServiceMonitor

com.lionmobi.powerclean.broadcast.UpdataBroadcastReceiver

com.google.ads.conversiontracking.InstallReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.lionmobi.powerclean.service.NotificationMonitorService

com.lionmobi.powerclean.service.accessibility.PowerAccessibilityService

com.google.firebase.iid.FirebaseInstanceIdService

Android Permissions

bda227603c3d1256464e76cb6ec67a7c_JaffaCakes118