d9f7d884a79e3345b33e80753b2c22e0_JaffaCakes118

General

Target

d9f7d884a79e3345b33e80753b2c22e0_JaffaCakes118
Size

11.5MB
MD5

d9f7d884a79e3345b33e80753b2c22e0
SHA1

b813bcaa693fbec5187f3fd08b6935480b5c186b
SHA256

28b87d8ec3ebadd97af828f2eccbdd223bd5a1740ad091cdab2d7cbc2906e24a
SHA512

f34eb9efe6eab6137ed93a12c23f6742f5679107f9843ba64172865bda52e37fdad0e5038c1de1682fba93e09e9e141addcb136d8ebcb256708c00b612bd84e7
SSDEEP

196608:ZqcV+RrXUM/VcFPrBqnG9GbhwDjvlsieFFLE4fNTL6uZGiT4NpJdD3BKDWiM:Zpyrn/2EG9mqvlsTle6PT4Np/D3BKaiM

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to send SMS messages.	android.permission.SEND_SMS

Files

d9f7d884a79e3345b33e80753b2c22e0_JaffaCakes118
.apk android arch:arm

com.catcap.xianyugame.qht2.youku

.qhta2

Activities

.qhta2

android.intent.action.MAIN

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

mm.purchasesdk.iapservice.BillingLayoutActivity

com.catcap.xianyugame.qht2.youku.com.mmiap.activity

safiap.framework.ui.UpdateHintActivity

safiap.framework.ACTION_TO_INSTALL
safiap.framework.ACTION_TO_INSTALL_IAP
safiap.framework.ACTION_NETWORK_ERROR_IAP
safiap.framework.ACTION_NETWORK_ERROR_FRAMEWORK

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.READ_LOGS
android.permission.SEND_SMS

Receivers

safiap.framework.CheckUpdateReceiver

safiap.framework.ACTION_CANCEL_NOTIFICATION
safiap.GET_SHARED_DATA
safiap.framework.ACTION_SET_TIMER

cn.play.dserv.DsReceiver

cn.play.dservice
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

Services

com.unicom.wostore.unipay.paysecurity.SecurityServiceFramework

com.catcap.xianyugame.qht2.youku.unicom.wostore.unipay.securityserviceframework

mm.purchasesdk.iapservice.PurchaseService

com.aspire.purchaseservice.BIND
com.catcap.xianyugame.qht2.youku.purchaseservice.BIND
android.intent.action.MAIN

safiap.framework.SafFrameworkManager

safiap.framework.sdk.ISAFFramework
safiap.framework.ACTION_START_DOWNLOAD
safiap.framework.ACTION_CHECK_UPDATE
unicom_resource.dat
.apk android

com.unicom.resourcepro

Android Permissions

d9f7d884a79e3345b33e80753b2c22e0_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.RESTART_PACKAGES

android.permission.GET_TASKS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_LOGS

android.permission.SEND_SMS

Sharing

General

Malware Config

Signatures

Files

com.catcap.xianyugame.qht2.youku

.qhta2

Activities

.qhta2

com.tencent.tauth.AuthActivity

mm.purchasesdk.iapservice.BillingLayoutActivity

safiap.framework.ui.UpdateHintActivity

Permissions

Receivers

safiap.framework.CheckUpdateReceiver

cn.play.dserv.DsReceiver

Services

com.unicom.wostore.unipay.paysecurity.SecurityServiceFramework

mm.purchasesdk.iapservice.PurchaseService

safiap.framework.SafFrameworkManager

com.unicom.resourcepro

Android Permissions

d9f7d884a79e3345b33e80753b2c22e0_JaffaCakes118