ded054b95aa383d262d935ef88646ed1_JaffaCakes118

General

Target

ded054b95aa383d262d935ef88646ed1_JaffaCakes118
Size

4.7MB
MD5

ded054b95aa383d262d935ef88646ed1
SHA1

791d098491109f0178d98149aa0e125dd8bfa379
SHA256

ce57d3c9a48b16d3c6f41ba4f0497c7ee4f299fe1b1cd686ae86f6e258f91232
SHA512

840861ba5fc6c6858a865b5c31928ead1b5171bad8d030b518dbead3dd617cbc968a7299d53563f980496fedf95e7a3dd3116e62eddd69c988ccf218036a0b3f
SSDEEP

98304:1AIBYqQEm9joAHmIJssuc3gFsrH8wlwXGnrzd2P3RBuGcDvBuAiir:ijbEm+2mk3lHpwX6rzy3R7GBu8r

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

ded054b95aa383d262d935ef88646ed1_JaffaCakes118
.apk android arch:arm

com.huge.pj.popstar

com.PopStar.org.PopStar

Activities

com.PopStar.org.PopStar

android.intent.action.MAIN

Permissions

android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
android.permission.SEND_SMS
android.permission.WRITE_SETTINGS
android.permission.CLEAR_APP_CACHE
android.permission.MODIFY_PHONE_STATE
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_APN_SETTINGS
android.permission.DISABLE_KEYGUARD
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.VIBRATE

Receivers

com.google.offers.remind.RemindReceiver

android.net.wifi.STATE_CHANGE
com.Remind.alarm.enable

com.google.purchase.ModuleInit

android.net.conn.CONNECTIVITY_CHANGE

com.google.purchase.Alarmreceiver

com.google.purchase.alarm.action

com.google.purchase.SmsEventReceiver

android.provider.Telephony.SMS_RECEIVED
com.google.purchase.SMS_SENT

com.bx.pay.SmsListener

android.provider.Telephony.SMS_RECEIVED

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.huge.pj.popstar.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

Services

com.umeng.message.UmengService

com.huge.pj.popstar.intent.action.START
com.huge.pj.popstar.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2
alipay_plugin_20120428msp.apk
.apk android

com.alipay.android.app

.Cashier

Activities

.Cashier

android.intent.action.MAIN

.Alerter

android.intent.action.MAIN

.Welcome

android.intent.action.MAIN

.Updater

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.ACCESS_COARSE_LOCATION
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

ded054b95aa383d262d935ef88646ed1_JaffaCakes118

Permissions

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.GET_PACKAGE_SIZE

android.permission.GET_TASKS

android.permission.RESTART_PACKAGES

android.permission.RECEIVE_SMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

android.permission.SEND_SMS

android.permission.WRITE_SETTINGS

android.permission.CLEAR_APP_CACHE

android.permission.MODIFY_PHONE_STATE

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_APN_SETTINGS

android.permission.DISABLE_KEYGUARD

android.permission.READ_LOGS

android.permission.WAKE_LOCK

android.permission.VIBRATE

Sharing

General

Malware Config

Signatures

Files

com.huge.pj.popstar

com.PopStar.org.PopStar

Activities

com.PopStar.org.PopStar

Permissions

Receivers

com.google.offers.remind.RemindReceiver

com.google.purchase.ModuleInit

com.google.purchase.Alarmreceiver

com.google.purchase.SmsEventReceiver

com.bx.pay.SmsListener

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

Services

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

com.alipay.android.app

.Cashier

Activities

.Cashier

.Alerter

.Welcome

.Updater

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

ded054b95aa383d262d935ef88646ed1_JaffaCakes118