befa03b30c81da2777b2241faf7c42da_JaffaCakes118

General

Target

befa03b30c81da2777b2241faf7c42da_JaffaCakes118
Size

11.9MB
MD5

befa03b30c81da2777b2241faf7c42da
SHA1

42bba7f4ebe3e4944741a6af0769eef0c1a4cda6
SHA256

ba1d67e7ff335a00a261e2297c95b4573bacd94afccc90a68c53544de2f0e16f
SHA512

b47f88f931b63877a517b9b3925874fbc4e9d7ac36eefce3fe5507edc77a82fec074ccfe6c46b1cffd1d6bbdbd676a68b6ce188698ebfe410caff2f6535e04fc
SSDEEP

196608:m02Ao4qlUBogvhb8/rTju9n2WND9/j/6v/m5dtfr1qjbsXeVxhO5:vnVBr03K9n2WB9KEdtz13eVm5

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO

Files

befa03b30c81da2777b2241faf7c42da_JaffaCakes118
.apk android

com.richinfo.thinkmail

com.richinfo.thinkmail.ui.setup.WelcomeMessage

Activities

com.richinfo.thinkmail.ui.setup.WelcomeMessage

android.intent.action.MAIN

com.richinfo.thinkmail.ui.Halls

android.intent.action.VIEW

com.richinfo.thinkmail.ui.Accounts

android.intent.action.VIEW

com.richinfo.thinkmail.ui.thread.ShowThreadMsgActivity

android.intent.action.THINKMAILAPP_MESSAGE
android.longgang.district.party.committee.read.message

com.richinfo.thinkmail.ui.messagecompose.MessageCompose

android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
com.richinfo.thinkmail.ui.MessageCompose
android.longgang.district.party.committee.compose.message

com.richinfo.thinkmail.ui.messagecompose.MediaMessageCompose

android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
com.richinfo.thinkmail.ui.MessageCompose

com.richinfo.thinkmail.ui.messagecompose.MeettingCompose

android.intent.action.SENDTO
android.intent.action.SEND
android.intent.action.SEND_MULTIPLE
android.intent.action.VIEW
com.richinfo.thinkmail.ui.MessageCompose

cn.richinfo.calendar.ui.ScheduleDetailActivity

cn.richinfo.calendar.notifySchedule

Permissions

android.permission.RECEIVE_USER_PRESENT
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_CONTACTS
android.permission.READ_SYNC_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CALL_PHONE
android.permission.WRITE_CONTACTS
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
org.thialfihar.android.apg.permission.READ_KEY_DETAILS
android.permission.GET_TASKS
android.permission.SEND_SMS
android.permission.CHANGE_WIFI_STATE
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.sonyericsson.home.permission.BROADCAST_BADGE
com.htc.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.richinfo.thinkmail.permission.READ_ATTACHMENT
com.richinfo.thinkmail.permission.REMOTE_CONTROL
com.richinfo.thinkmail.permission.READ_MESSAGES
com.richinfo.thinkmail.permission.DELETE_MESSAGES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.ACCESS_WIFI_STATE
android.permission.USE_CREDENTIALS
android.permission.GET_ACCOUNTS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.CAMERA
android.permission.RECORD_AUDIO

Receivers

com.richinfo.thinkmail.lib.service.BootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK
android.net.conn.CONNECTIVITY_CHANGE
android.net.conn.BACKGROUND_DATA_SETTING_CHANGED
com.android.sync.SYNC_CONN_STATUS_CHANGED
com.richinfo.thinkmail.lib.service.BroadcastReceiver.scheduleIntent

com.richinfo.thinkmail.lib.service.RemoteControlReceiver

com.richinfo.thinkmail.K9RemoteControl.set
com.richinfo.thinkmail.K9RemoteControl.requestAccounts

com.richinfo.thinkmail.lib.service.CoreReceiver

com.richinfo.thinkmail.lib.service.CoreReceiver.wakeLockRelease

com.richinfo.thinkmail.lib.service.StorageReceiver

android.intent.action.MEDIA_MOUNTED

com.richinfo.thinkmail.ui.setup.StartLoginActivityBroadcastReceiver

com.richinfo.thinkmail.ui.setup.LoginActivity

com.richinfo.thinkmail.ui.NotifyReceiver

com.richinfo.thinkmail.buildAccountsBackStack
com.richinfo.thinkmail.buildFolderListBackStack
com.richinfo.thinkmail.buildUnreadBackStack
com.richinfo.thinkmail.buildMessageListBackStack
com.richinfo.thinkmail.buildMessageViewBackStack

cn.richinfo.pns.service.PushReceiver

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.richinfo.thinkmail.lib.controller.PnsPushReveiver

cn.richinfo.pns.intent.MESSAGE_RECEIVED
cn.richinfo.pns.intent.NOTIFICATION_OPENED

cn.richinfo.calendar.alert.AlertReceiver

cn.richinfo.calendar.EVENT_REMINDER
android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.LOCALE_CHANGED
cn.richinfo.calendar.PROVIDER_CHANGED

cn.richinfo.calendar.receivers.StartUpIntentReceiver

cn.richinfo.calendar.action.SYNC_ALARM

Services

mail139.umcsdk.trustauthentication.UMCAuthenticatorService

android.accounts.AccountAuthenticator

cn.richinfo.pns.service.PushService

cn.richinfo.pns.intent.REGISTER
cn.richinfo.pns.intent.REPORT
cn.richinfo.pns.intent.PushService
cn.richinfo.pns.intent.PUSH_TIME

cn.richinfo.calendar.sync.SyncService

cn.richinfo.calendar.action.SYNC_SERVICE
cn.richinfo.calendarsdk.sync

Android Permissions

befa03b30c81da2777b2241faf7c42da_JaffaCakes118

Permissions

android.permission.RECEIVE_USER_PRESENT

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_CONTACTS

android.permission.READ_SYNC_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CALL_PHONE

android.permission.WRITE_CONTACTS

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.VIBRATE

android.permission.WAKE_LOCK

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

org.thialfihar.android.apg.permission.READ_KEY_DETAILS

android.permission.GET_TASKS

android.permission.SEND_SMS

android.permission.CHANGE_WIFI_STATE

com.sec.android.provider.badge.permission.READ

com.sec.android.provider.badge.permission.WRITE

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.sonyericsson.home.permission.BROADCAST_BADGE

com.htc.launcher.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.richinfo.thinkmail.permission.READ_ATTACHMENT

com.richinfo.thinkmail.permission.REMOTE_CONTROL

com.richinfo.thinkmail.permission.READ_MESSAGES

com.richinfo.thinkmail.permission.DELETE_MESSAGES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.ACCESS_WIFI_STATE

android.permission.USE_CREDENTIALS

android.permission.GET_ACCOUNTS

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.CAMERA

android.permission.RECORD_AUDIO

Sharing

General

Malware Config

Signatures

Files

com.richinfo.thinkmail

com.richinfo.thinkmail.ui.setup.WelcomeMessage

Activities

com.richinfo.thinkmail.ui.setup.WelcomeMessage

com.richinfo.thinkmail.ui.Halls

com.richinfo.thinkmail.ui.Accounts

com.richinfo.thinkmail.ui.thread.ShowThreadMsgActivity

com.richinfo.thinkmail.ui.messagecompose.MessageCompose

com.richinfo.thinkmail.ui.messagecompose.MediaMessageCompose

com.richinfo.thinkmail.ui.messagecompose.MeettingCompose

cn.richinfo.calendar.ui.ScheduleDetailActivity

Permissions

Receivers

com.richinfo.thinkmail.lib.service.BootReceiver

com.richinfo.thinkmail.lib.service.RemoteControlReceiver

com.richinfo.thinkmail.lib.service.CoreReceiver

com.richinfo.thinkmail.lib.service.StorageReceiver

com.richinfo.thinkmail.ui.setup.StartLoginActivityBroadcastReceiver

com.richinfo.thinkmail.ui.NotifyReceiver

cn.richinfo.pns.service.PushReceiver

com.richinfo.thinkmail.lib.controller.PnsPushReveiver

cn.richinfo.calendar.alert.AlertReceiver

cn.richinfo.calendar.receivers.StartUpIntentReceiver

Services

mail139.umcsdk.trustauthentication.UMCAuthenticatorService

cn.richinfo.pns.service.PushService

cn.richinfo.calendar.sync.SyncService

Android Permissions

befa03b30c81da2777b2241faf7c42da_JaffaCakes118