d2a5fd8205769aae8038fe93876334e8_JaffaCakes118

General

Target

d2a5fd8205769aae8038fe93876334e8_JaffaCakes118
Size

6.4MB
MD5

d2a5fd8205769aae8038fe93876334e8
SHA1

8a6a86aba0a09428493000d92dff76f4c5a338ef
SHA256

3538d8cde3ad53350843745ee0c4f31e85a1461e2f441c7d9f9a03ae250d170d
SHA512

e14a6784758b0a860ef5541d1bf37b8f9f6934062e7a3fdb59e48683a12f0134e1699d21d5bdca2f911c41e0da3805e8a607ca33d565dccbc4df7626020aa915
SSDEEP

98304:xs4Jt1j97Q2thDT6ROwBTUh4OmIQf3i8b9GihpwoxBUtVO8Qy4OmDHP1z:x7RZ7QYhqR/rq8hXhpNPUfOjy969z

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA

Files

d2a5fd8205769aae8038fe93876334e8_JaffaCakes118
.apk android arch:arm arch:x86

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

android.intent.action.MAIN

com.mgyun.shua.ui.MainAct

com.mgyun.shua.MAIN

com.mgyun.shua.ui.ComposeSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.READ_LOGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_CONTACTS
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.SET_WALLPAPER
android.permission.GET_TASKS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.FORCE_STOP_PACKAGES
android.permission.WRITE_APN_SETTINGS
android.permission.DELETE_CACHE_FILES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.WRITE_SECURE_SETTINGS
android.permission.INTERACT_ACROSS_USERS_FULL
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.motorola.mmsp.motoswitch.permission.READ_SETTINGS
com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS
com.huaqin.launcherEx.permission.READ_SETTINGS
com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.CAMERA
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.BLUETOOTH
android.permission.DIAGNOSTIC
android.permission.ACCESS_MTK_MMHW
android.permission.ACCESS_MOCK_LOCATION

Receivers

com.mgyun.shua.service.BootReceiver

android.intent.action.BOOT_COMPLETED

com.mgyun.shua.service.SmsReceiver

android.provider.Telephony.SMS_DELIVER

com.mgyun.shua.service.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.mgyun.shua.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.boot.restore

com.mgyun.shua.service.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

android.accessibilityservice.AccessibilityService

Android Permissions

d2a5fd8205769aae8038fe93876334e8_JaffaCakes118

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.READ_LOGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_OWNER_DATA

android.permission.WRITE_OWNER_DATA

android.permission.WRITE_CONTACTS

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.SET_WALLPAPER

android.permission.GET_TASKS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_PACKAGE_SIZE

android.permission.CLEAR_APP_CACHE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.FORCE_STOP_PACKAGES

android.permission.WRITE_APN_SETTINGS

android.permission.DELETE_CACHE_FILES

android.permission.ACCESS_CACHE_FILESYSTEM

android.permission.WRITE_SECURE_SETTINGS

android.permission.INTERACT_ACROSS_USERS_FULL

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.motorola.mmsp.motoswitch.permission.READ_SETTINGS

com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS

com.huaqin.launcherEx.permission.READ_SETTINGS

com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

com.mgyun.shua.ui.MainAct

com.mgyun.shua.ui.ComposeSmsActivity

Permissions

Receivers

com.mgyun.shua.service.BootReceiver

com.mgyun.shua.service.SmsReceiver

com.mgyun.shua.service.MmsReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.service.HeadlessSmsSendService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.message.UmengMessageIntentReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

Android Permissions

d2a5fd8205769aae8038fe93876334e8_JaffaCakes118