d0c7ebc3eb6815b295955bc7468d79d0_JaffaCakes118

General

Target

d0c7ebc3eb6815b295955bc7468d79d0_JaffaCakes118
Size

6.8MB
MD5

d0c7ebc3eb6815b295955bc7468d79d0
SHA1

2ff73c0fd35fc7f97f929cc8d2781f8b70d03d3d
SHA256

ca3e63e9f1354cfce3662278250842f680bb5df9db76c9193c44719ef01287f7
SHA512

42b3750a3d1d3858d21691a4aa520ec3600ae19e3ada55b59923cdc39311c080573bb64d008d38e32b5f90598d3c3ecfb8977d0b39973778f27463d8731fe2aa
SSDEEP

98304:ddZHXdklsuK33ysVvIt9hF1PxsfoqBszW8jCnKUFBszW8jCnJYdzEYvU5ogYH52N:GsuQ3ywvID1aQqKEJYe15qmg7pk0xuVt

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

d0c7ebc3eb6815b295955bc7468d79d0_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

com.lrlz.pandamakeup

com.lrlz.pandamakeup.activity.SplashActivity

Activities

com.lrlz.pandamakeup.activity.SplashActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.lrlz.pandamakeup.activity.GoodsDetailActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.alipay.android.mini.window.sdk.MiniLaucherActivity

com.alipay.mobilepay.android

com.alipay.android.mini.window.sdk.MiniPayActivity

android.intent.action.MAIN

com.alipay.android.mini.window.sdk.MiniWebActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.WAKE_LOCK
android.permission.READ_LOGS
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
com.ut.permission.DEVICE_STATE
android.permission.READ_SETTINGS

Receivers

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.lrlz.pandamakeup.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

com.ut.device.BQueryWhoHasOne

UT.QueryWhoHasOne

com.ut.device.BFoundIt

UT.FoundIT

com.alipay.mobile.datatunnel.ext.trigger.AlipayDataTunnelTrigger

android.net.conn.CONNECTIVITY_CHANGE

Services

com.umeng.message.UmengService

com.lrlz.pandamakeup.intent.action.START
com.lrlz.pandamakeup.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2

com.alipay.mobile.datatunnel.ext.AlipayDataTunnelService

com.alipay.mobile.datatunnel.ext.action.MAIN
alipay_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

d0c7ebc3eb6815b295955bc7468d79d0_JaffaCakes118

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_SMS

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.WAKE_LOCK

android.permission.READ_LOGS

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

com.ut.permission.DEVICE_STATE

android.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.lrlz.pandamakeup

com.lrlz.pandamakeup.activity.SplashActivity

Activities

com.lrlz.pandamakeup.activity.SplashActivity

com.lrlz.pandamakeup.activity.GoodsDetailActivity

com.tencent.tauth.AuthActivity

com.alipay.android.mini.window.sdk.MiniLaucherActivity

com.alipay.android.mini.window.sdk.MiniPayActivity

com.alipay.android.mini.window.sdk.MiniWebActivity

Permissions

Receivers

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

com.ut.device.BQueryWhoHasOne

com.ut.device.BFoundIt

com.alipay.mobile.datatunnel.ext.trigger.AlipayDataTunnelTrigger

Services

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

com.alipay.mobile.datatunnel.ext.AlipayDataTunnelService

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

d0c7ebc3eb6815b295955bc7468d79d0_JaffaCakes118