dc560b8d2f79338394e5fe40d8fdd2ed_JaffaCakes118

General

Target

dc560b8d2f79338394e5fe40d8fdd2ed_JaffaCakes118
Size

21.5MB
MD5

dc560b8d2f79338394e5fe40d8fdd2ed
SHA1

ad4de6c99ea26115072cd4c80177c7bb13d84bfc
SHA256

3358490bc59e38d9f6f47da88abbe2ab75dd82ca28d5891f70df9ae880d6eb98
SHA512

8f64d3a1c9dbbd59dc755fb083683e500ed34fa04237a0b64c7225a7be002462de29313ce5bf02c77dc0827ba0a3cd3773f6f7256a96b9713f074f960d091632
SSDEEP

393216:eB7XXdwdDihiMxBu2pJA5wNO7Q4C0q6u6afCpmZ2gnV4WqTexROFsjmWhgwV:KZhiMvu2pG5gO75du6afSuV4TssamWyu

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

dc560b8d2f79338394e5fe40d8fdd2ed_JaffaCakes118
.apk android arch:arm

com.KingOfTank.yiguo

cn.kkk.commonsdk.WelcomeAcitivity

Activities

com.qianyun.slg.tank.Gardenia_YiGuoActivity

com.KingOfTank.yiguo

cn.kkk.commonsdk.WelcomeAcitivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

Receivers

com.qianyun.slg.tank.PushServiceReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

Services

com.baidu.android.pushservice.PushService

com.baidu.android.pushservice.action.PUSH_SERVICE
psf.apk
.apk android arch:arm arch:mips arch:x86

com.pada.padasf

com.pada.padasf.LoginActivity

Activities

com.pada.padasf.LoginActivity

android.intent.action.MAIN
com.pada.padasf.login
com.pada.padasf.register
com.pada.padasf.LoginActivity

com.pada.padasf.ui.RechargeActivity

com.pada.payaction

com.pada.padasf.sdk.ui.SDKActivity

com.pada.sdklogin

com.pada.padasf.PadaAccountCenterActivity

com.pada.padasf.showRechargeList
com.pada.padasf.showConsumesList
com.pada.padasf.changeAccount
com.pada.padasf.showRechargeUI

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.GET_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.INTERNET
android.permission.READ_SYNC_SETTINGS
android.permission.WRITE_SYNC_SETTINGS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW

Services

com.pada.padasf.account.PadaAuthenticatorService

android.accounts.AccountAuthenticator

com.pada.padasf.sdk.SDKService

com.pada.sdk.service

com.pada.padasf.service.RefreshUnreadNumService

gamecenter.refresh.unread.num.service.action
alipay_msp.apk
.apk android arch:arm arch:x86

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

android.intent.action.MAIN

com.alipay.android.app.pay.TransContainer

android.intent.action.MAIN

com.alipay.android.app.pay.HyperlinkActivity

android.intent.action.MAIN

com.alipay.android.app.pay.PageForBrowser

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

Services

com.alipay.android.app.MspService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

dc560b8d2f79338394e5fe40d8fdd2ed_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

Sharing

General

Malware Config

Signatures

Files

com.KingOfTank.yiguo

cn.kkk.commonsdk.WelcomeAcitivity

Activities

com.qianyun.slg.tank.Gardenia_YiGuoActivity

cn.kkk.commonsdk.WelcomeAcitivity

Permissions

Receivers

com.qianyun.slg.tank.PushServiceReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

Services

com.baidu.android.pushservice.PushService

com.pada.padasf

com.pada.padasf.LoginActivity

Activities

com.pada.padasf.LoginActivity

com.pada.padasf.ui.RechargeActivity

com.pada.padasf.sdk.ui.SDKActivity

com.pada.padasf.PadaAccountCenterActivity

com.tencent.tauth.AuthActivity

Permissions

Services

com.pada.padasf.account.PadaAuthenticatorService

com.pada.padasf.sdk.SDKService

com.pada.padasf.service.RefreshUnreadNumService

com.alipay.android.app

com.alipay.android.app.pay.MainActivity

Activities

com.alipay.android.app.pay.MainActivity

com.alipay.android.app.pay.TransContainer

com.alipay.android.app.pay.HyperlinkActivity

com.alipay.android.app.pay.PageForBrowser

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

com.alipay.android.app.MspService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

dc560b8d2f79338394e5fe40d8fdd2ed_JaffaCakes118