d316ac3249fba90900301ead6b569974_JaffaCakes118

General

Target

d316ac3249fba90900301ead6b569974_JaffaCakes118
Size

3.9MB
MD5

d316ac3249fba90900301ead6b569974
SHA1

bfd3f2e04a010fc7504964d23ced618bbd7233d5
SHA256

98fa2e7c26545c5220ad13d5072e68adf21bf0f8970e51b93a8e99c1ef9c2110
SHA512

968257ed920730fd22b3e724d91150d6c3fc599b4d67327c02cb028e4c922c4a217f12f2e5b927947d4ac233d8ab6ca905db1bf30251177fd30efc85e27d861c
SSDEEP

98304:8HaSj2q1SavvMkJ3guuhxDTGvYLL/VKlSSfkzobBoUWb8MOuAqyulK5SSn:8Havq1SaHAt6vkV26QaTYMOh

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

d316ac3249fba90900301ead6b569974_JaffaCakes118
.apk android arch:arm

com.yuanfenhunlian.main

com.qihoo.util.StartActivity

Activities

com.yuanfenhunlian.main.SplashActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.qihoo.util.StartActivity

android.intent.action.MAIN

mm.purchasesdk.iapservice.BillingLayoutActivity

com.yuanfenhunlian.main.com.mmiap.activity

safiap.framework.ui.UpdateHintActivity

safiap.framework.ACTION_TO_INSTALL
safiap.framework.ACTION_TO_INSTALL_IAP
safiap.framework.ACTION_NETWORK_ERROR_IAP
safiap.framework.ACTION_NETWORK_ERROR_FRAMEWORK

Permissions

android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.CHANGE_NETWORK_STATE
android.permission.VIBRATE
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.GET_TOP_ACTIVITY_INFO
android.permission.REORDER_TASKS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
getui.permission.GetuiService.com.yuanfenhunlian.main
android.permission.GET_TASKS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.RECORD_AUDIO
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

com.yuanfenhunlian.main.app.YAMessage

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.yuanfenhunlian.main.action.refresh
com.yuanfenhunlian.main.action.notification

com.igexin.sdk.PushReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
com.igexin.sdk.action.refreshls
android.intent.action.MEDIA_MOUNTED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.igexin.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

safiap.framework.CheckUpdateReceiver

safiap.framework.ACTION_CANCEL_NOTIFICATION
safiap.GET_SHARED_DATA
safiap.framework.ACTION_SET_TIMER

Services

com.baidu.location.f

com.baidu.location.service_v2.2

com.igexin.sdk.PushService

com.igexin.sdk.action.service.message

mm.purchasesdk.iapservice.PurchaseService

com.aspire.purchaseservice.BIND
com.yuanfenhunlian.main.purchaseservice.BIND
android.intent.action.MAIN

safiap.framework.SafFrameworkManager

safiap.framework.sdk.ISAFFramework
safiap.framework.ACTION_START_DOWNLOAD
safiap.framework.ACTION_CHECK_UPDATE

Android Permissions

d316ac3249fba90900301ead6b569974_JaffaCakes118

Permissions

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_LOGS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_TASKS

android.permission.CHANGE_NETWORK_STATE

android.permission.VIBRATE

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.GET_TOP_ACTIVITY_INFO

android.permission.REORDER_TASKS

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.VIBRATE

getui.permission.GetuiService.com.yuanfenhunlian.main

android.permission.GET_TASKS

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.RECORD_AUDIO

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.SEND_SMS

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Sharing

General

Malware Config

Signatures

Files

com.yuanfenhunlian.main

com.qihoo.util.StartActivity

Activities

com.yuanfenhunlian.main.SplashActivity

com.qihoo.util.StartActivity

mm.purchasesdk.iapservice.BillingLayoutActivity

safiap.framework.ui.UpdateHintActivity

Permissions

Receivers

com.yuanfenhunlian.main.app.YAMessage

com.igexin.sdk.PushReceiver

com.igexin.download.DownloadReceiver

safiap.framework.CheckUpdateReceiver

Services

com.baidu.location.f

com.igexin.sdk.PushService

mm.purchasesdk.iapservice.PurchaseService

safiap.framework.SafFrameworkManager

Android Permissions

d316ac3249fba90900301ead6b569974_JaffaCakes118