d42595c67827d73b4ec87cf4b6865e9c_JaffaCakes118

General

Target

d42595c67827d73b4ec87cf4b6865e9c_JaffaCakes118
Size

7.9MB
MD5

d42595c67827d73b4ec87cf4b6865e9c
SHA1

16291f06c8d08f20a22c01e17b5e27d6e8640b89
SHA256

6b34a5d5ee28d71a88b05b783fdeea62b2f0fb7fd3edd7aec1284b4e3126523f
SHA512

947ea83ce4e7c453d03d6e56c469bb871d199da477629f7c8340d8d03e7ad7e89fdf011174609171bbe6e8fa50b556381fa98c3e6504b64667e43f421cfad408
SSDEEP

196608:p5U7HweEHN688vJXZrQzx2ctu1/FC0772Q4kanrk1UrGzY7eCI9wW:p5U7H3uzMtZGU1/FC+OaUcJNb

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read the user's call log.	android.permission.READ_CALL_LOG
Allows an application to write and read the user's call log data.	android.permission.WRITE_CALL_LOG
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

d42595c67827d73b4ec87cf4b6865e9c_JaffaCakes118
.apk android arch:arm arch:x86

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

android.intent.action.MAIN

com.mgyun.shua.ui.MainAct

com.mgyun.shua.MAIN

com.mgyun.shua.ui.ComposeSmsActivity

android.intent.action.SEND
android.intent.action.SENDTO

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.READ_LOGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.READ_OWNER_DATA
android.permission.WRITE_OWNER_DATA
android.permission.WRITE_CONTACTS
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.SET_WALLPAPER
android.permission.GET_TASKS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.READ_CALL_LOG
android.permission.WRITE_CALL_LOG
android.permission.FORCE_STOP_PACKAGES
android.permission.WRITE_APN_SETTINGS
android.permission.DELETE_CACHE_FILES
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.WRITE_SECURE_SETTINGS
android.permission.INTERACT_ACROSS_USERS_FULL
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.motorola.mmsp.motoswitch.permission.READ_SETTINGS
com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS
com.huaqin.launcherEx.permission.READ_SETTINGS
com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_ACCOUNTS
android.permission.CAMERA
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.BLUETOOTH
android.permission.DIAGNOSTIC
android.permission.ACCESS_MTK_MMHW
android.permission.ACCESS_MOCK_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.MANAGE_USERS
android.permission.PACKAGE_USAGE_STATS
android.permission.BATTERY_STATS
android.permission.ACCESS_COARSE_UPDATES

Receivers

com.mgyun.shua.service.BootReceiver

android.intent.action.BOOT_COMPLETED

com.mgyun.shua.service.SmsReceiver

android.provider.Telephony.SMS_DELIVER

com.mgyun.shua.service.MmsReceiver

android.provider.Telephony.WAP_PUSH_DELIVER

com.plusive.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

com.plusive.PackageInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.plusive.AddJobCreatorReceiver

com.evernote.android.job.ADD_JOB_CREATOR

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.htc.intent.action.QUICKBOOT_POWERON
android.intent.action.MY_PACKAGE_REPLACED

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.mgyun.shua.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.boot.restore

com.mgyun.shua.service.HeadlessSmsSendService

android.intent.action.RESPOND_VIA_MESSAGE

com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.umeng.message.UmengIntentService

org.agoo.android.intent.action.RECEIVE

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.messge.registercallback.action
com.umeng.message.enablecallback.action
com.umeng.message.disablecallback.action
com.umeng.message.message.handler.action

com.umeng.message.UmengMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

android.accessibilityservice.AccessibilityService

Android Permissions

d42595c67827d73b4ec87cf4b6865e9c_JaffaCakes118

Permissions

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.READ_LOGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.READ_OWNER_DATA

android.permission.WRITE_OWNER_DATA

android.permission.WRITE_CONTACTS

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.SET_WALLPAPER

android.permission.GET_TASKS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.GET_PACKAGE_SIZE

android.permission.CLEAR_APP_CACHE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.FORCE_STOP_PACKAGES

android.permission.WRITE_APN_SETTINGS

android.permission.DELETE_CACHE_FILES

android.permission.ACCESS_CACHE_FILESYSTEM

android.permission.WRITE_SECURE_SETTINGS

android.permission.INTERACT_ACROSS_USERS_FULL

com.htc.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.motorola.mmsp.motoswitch.permission.READ_SETTINGS

com.motorola.mmsp.motoswitch.permission.WRITE_SETTINGS

com.huaqin.launcherEx.permission.READ_SETTINGS

com.huaqin.launcherEx.permission.WRITE_APN_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.oppo.launcher.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.mgyun.shua

com.mgyun.shua.ui.WelcomeActivity

Activities

com.mgyun.shua.ui.WelcomeActivity

com.mgyun.shua.ui.MainAct

com.mgyun.shua.ui.ComposeSmsActivity

Permissions

Receivers

com.mgyun.shua.service.BootReceiver

com.mgyun.shua.service.SmsReceiver

com.mgyun.shua.service.MmsReceiver

com.plusive.BootUpReceiver

com.plusive.PackageInstallReceiver

com.plusive.AddJobCreatorReceiver

com.evernote.android.job.v14.PlatformAlarmReceiver

com.evernote.android.job.JobBootReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

Services

com.mgyun.shua.service.WorkService

com.mgyun.shua.service.HeadlessSmsSendService

com.evernote.android.job.gcm.PlatformGcmService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.umeng.message.UmengIntentService

com.umeng.message.UmengMessageCallbackHandlerService

com.umeng.message.UmengMessageIntentReceiverService

com.mgyun.accessibility.server.NRIAccessibilityServer

Android Permissions

d42595c67827d73b4ec87cf4b6865e9c_JaffaCakes118