bda93537a83ab57d9e16e1391c556be7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bda93537a83ab57d9e16e1391c556be7_JaffaCakes118
Size

10.9MB
MD5

bda93537a83ab57d9e16e1391c556be7
SHA1

e3c5d6654116185e7e71df3ad4367f28b38e480e
SHA256

4c633e56614cd25fb196aed8d4c65b9f0b8aaffa99ba1db9c936ca892dbf8edc
SHA512

edf2f8d0473d9acfcb116f3cc44395d44c34c95cfc12b7ca69a4413e9e4c2bbcb91c8e982ecfd41352379e9686bc44a2fd5ebc5ab03aa66ce3901b7b867268b3
SSDEEP

196608:wxnu3CKVRLrugC3lthQW8JI9pFuYoW+DzaFMm2MUB:33YgC1sWCIjFu0ynz

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

bda93537a83ab57d9e16e1391c556be7_JaffaCakes118
.apk android arch:arm arch:x86

com.avast.android.vpn

com.avast.android.vpn.app.wizard.WizardActivity

Activities

com.avast.android.vpn.app.wizard.WizardActivity

android.intent.action.MAIN

com.avast.android.vpn.app.home.HomeActivity

secureline.intent.action.START_ON_BOOT

com.avast.android.vpn.app.rules.RulesActivity

android.intent.action.VIEW

com.avast.android.vpn.app.rules.RuleDetailActivity

android.intent.action.VIEW
android.intent.action.EDIT
android.intent.action.INSERT

com.avast.android.vpn.app.licensing.SubscriptionActivity

com.avast.android.billing.subscription.SubscriptionActivity.START_SUBSCRIPTION_PURCHASE

com.avast.android.vpn.app.licensing.BillingActivityV2

com.avast.android.billing.subscription.SubscriptionActivity.START_SUBSCRIPTION_PURCHASE_NEW

com.avast.android.billing.ui.VoucherUriActivity

android.intent.action.VIEW

com.avast.android.shepherd.ShepherdUriActivity

android.intent.action.VIEW

Permissions

com.avast.android.generic.CENTRAL_SERVICE_PERMISSION
com.avast.android.vpn.CENTRAL_SERVICE_PERMISSION
com.avast.android.generic.COMM_PERMISSION
com.avast.android.vpn.permission.C2D_MESSAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
com.android.vending.BILLING
android.permission.GET_ACCOUNTS
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_EXTERNAL_STORAGE
openvpn.permission.RECEIVE_VPN_STATUS
com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
com.google.android.providers.gsf.permission.READ_GSERVICES

Receivers

com.avast.android.generic.service.C2DMListener

com.google.android.c2dm.intent.RECEIVE
com.google.android.c2dm.intent.REGISTRATION

com.avast.android.generic.service.C2DMHandler

com.avast.android.generic.action.C2DM_ENABLE_SUITE
com.avast.android.generic.action.C2DM_DISABLE_SUITE

com.avast.android.generic.service.SettingChangeListener

com.avast.android.generic.action.PROPERTY_CHANGED

com.avast.android.generic.service.SuiteMessageListener

com.avast.android.generic.action.MESSAGE_TO_SUITE
com.avast.android.mobilesecurity.app.account.ACCOUNT_CONNECTED
com.avast.android.mobilesecurity.app.account.ACCOUNT_DISCONNECTED
com.avast.android.generic.action.UPDATE_CHECK_SUITE
com.avast.android.mobilesecurity.app.account.PUSH_ACCOUNT_COMMUNICATION

com.avast.android.generic.service.SMSListener

android.provider.Telephony.SMS_RECEIVED

com.avast.android.generic.service.DataSMSListener

android.intent.action.DATA_SMS_RECEIVED

com.avast.android.generic.service.PackageListener

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
com.avast.android.generic.action.SHARE_SETTINGS

com.avast.android.vpn.app.securenetworking.BootCompletedReceiver

android.intent.action.QUICKBOOT_POWERON
android.intent.action.BOOT_COMPLETED

com.avast.android.vpn.state.VpnStateReceiver

openvpn.intent.action.STATUS

com.avast.android.vpn.widget.SwitchWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE

com.avast.android.vpn.app.rules.core.ConnectivityChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.google.android.gms.analytics.CampaignTrackingReceiver

com.android.vending.INSTALL_REFERRER

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.ANALYTICS_DISPATCH

com.avast.android.shepherd.ShepherdConnectivityChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE
intent.action.SHEPHERD_CONNECTIVITY_FAILSAFE

com.avast.android.shepherd.ShepherdNextUpdateTimeReceiver

com.avast.android.shepherd.NEXT_UPDATE_TIME_SET

com.avast.android.shepherd.ShepherdReferralReceiver

com.android.vending.INSTALL_REFERRER

com.avast.android.billing.v2.provider.fortumo.PaymentStatusReceiver

mp.info.PAYMENT_STATUS_CHANGED

com.avast.android.burger.internal.BootCompletedBroadcastReceiver

android.intent.action.BOOT_COMPLETED

com.yarning.nightjars.ConnectReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.yarning.nightjars.InstallReceiver

com.android.vending.INSTALL_REFERRER

sgbfkch.jziayptjc.wocsehq

android.intent.action.USER_PRESENT

Services

com.avast.android.vpn.statistics.ResponseTestService

com.avast.android.secureline.ResponseTestService.send_statistics

com.avast.android.vpn.service.StatusInformerService

com.avast.android.secureline.statusinformer

com.avast.android.secureline.openvpn.OpenVpnService

android.net.VpnService
com.avast.android.secureline.VpnService.start
com.avast.android.secureline.VpnService.stop

com.yandex.metrica.MetricaService

com.yandex.metrica.IMetricaService

Android Permissions

bda93537a83ab57d9e16e1391c556be7_JaffaCakes118

Permissions

com.avast.android.generic.CENTRAL_SERVICE_PERMISSION

com.avast.android.vpn.CENTRAL_SERVICE_PERMISSION

com.avast.android.generic.COMM_PERMISSION

com.avast.android.vpn.permission.C2D_MESSAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

com.android.vending.BILLING

android.permission.GET_ACCOUNTS

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_EXTERNAL_STORAGE

openvpn.permission.RECEIVE_VPN_STATUS

com.google.android.c2dm.permission.RECEIVE

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

com.google.android.providers.gsf.permission.READ_GSERVICES

Sharing

General

Malware Config

Signatures

Files

com.avast.android.vpn

com.avast.android.vpn.app.wizard.WizardActivity

Activities

com.avast.android.vpn.app.wizard.WizardActivity

com.avast.android.vpn.app.home.HomeActivity

com.avast.android.vpn.app.rules.RulesActivity

com.avast.android.vpn.app.rules.RuleDetailActivity

com.avast.android.vpn.app.licensing.SubscriptionActivity

com.avast.android.vpn.app.licensing.BillingActivityV2

com.avast.android.billing.ui.VoucherUriActivity

com.avast.android.shepherd.ShepherdUriActivity

Permissions

Receivers

com.avast.android.generic.service.C2DMListener

com.avast.android.generic.service.C2DMHandler

com.avast.android.generic.service.SettingChangeListener

com.avast.android.generic.service.SuiteMessageListener

com.avast.android.generic.service.SMSListener

com.avast.android.generic.service.DataSMSListener

com.avast.android.generic.service.PackageListener

com.avast.android.vpn.app.securenetworking.BootCompletedReceiver

com.avast.android.vpn.state.VpnStateReceiver

com.avast.android.vpn.widget.SwitchWidgetProvider

com.avast.android.vpn.app.rules.core.ConnectivityChangeReceiver

com.google.android.gms.analytics.CampaignTrackingReceiver

com.google.android.gms.analytics.AnalyticsReceiver

com.avast.android.shepherd.ShepherdConnectivityChangeReceiver

com.avast.android.shepherd.ShepherdNextUpdateTimeReceiver

com.avast.android.shepherd.ShepherdReferralReceiver

com.avast.android.billing.v2.provider.fortumo.PaymentStatusReceiver

com.avast.android.burger.internal.BootCompletedBroadcastReceiver

com.yarning.nightjars.ConnectReceiver

com.yarning.nightjars.InstallReceiver

sgbfkch.jziayptjc.wocsehq

Services

com.avast.android.vpn.statistics.ResponseTestService

com.avast.android.vpn.service.StatusInformerService

com.avast.android.secureline.openvpn.OpenVpnService

com.yandex.metrica.MetricaService

Android Permissions

bda93537a83ab57d9e16e1391c556be7_JaffaCakes118