eff451abbbfbc7be19472875c99bfbd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eff451abbbfbc7be19472875c99bfbd2_JaffaCakes118
Size

1.3MB
MD5

eff451abbbfbc7be19472875c99bfbd2
SHA1

5d833ee110ba6e78e0605870c409a373ac67a3bc
SHA256

e246e08b7e4a49abac3b73c56bdc39450e7e4e4ed753221c5f4b1b13a4ecb921
SHA512

bb0fd34cfee21c911270009d067ceffca5c95b83384ee28522adf11e64bc907c4f9b67d3eede8813d1f52cf1d22a5b38a372219ee640eb0c6d8e4dfacd4c6080
SSDEEP

24576:jyl+C32XIznkOcNwmda1YJXZBcKTDlgsZFibNMH/XPEWlR96HRUViWVkPH:GwC32R1TJXZBcK98qfX8+9yRU9e

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE

Files

eff451abbbfbc7be19472875c99bfbd2_JaffaCakes118
.apk android

com.soku.searchsdk

com.soku.searchsdk.activity.SearchResultActivity

Activities

com.soku.searchsdk.activity.SearchResultActivity

android.intent.action.SEARCH
android.intent.action.VIEW

com.soku.searchsdk.activity.SearchActivity

android.intent.action.SEARCH
android.intent.action.VIEW

com.soku.searchsdk.activity.PersonDirectMoreActivity

com.soku.searchsdk.activity.PersonDirectMoreActivity
android.intent.action.VIEW

com.soku.searchsdk.activity.BigWordDirectMoreActivity

com.soku.searchsdk.activity.BigWordDirectMoreActivity

com.soku.searchsdk.activity.ProgramBigWordMoreActivity

com.soku.searchsdk.searchuicontrol.activity.ProgramBigWordMoreActivity

com.soku.searchsdk.webview.SokuWebViewActivity

android.intent.action.VIEW

com.alimama.mobile.sdk.shell.TaeLoginWebView

COM_TAOBAO_TAE_SDK_TRADE_WEB_VIEW_ACTION

Services

com.alimama.mobile.sdk.shell.DownloadingService

com.alimama.mobile.sdk.download.action
CommonPlugin-2.6.apk
.apk android

com.taobao.munion.plugin.cm

com.taobao.newxp.view.UMDetail

Activities

com.taobao.tae.sdk.ui.TradeWebViewActivity

COM_TAOBAO_TAE_SDK_TRADE_WEB_VIEW_ACTION

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_LOGS
android.permission.CALL_PHONE

Services
FrameworkPlugin-2.5.apk
.apk android

com.example.bizplugin

Sharing

General

Malware Config

Signatures

Files

com.soku.searchsdk

com.soku.searchsdk.activity.SearchResultActivity

Activities

com.soku.searchsdk.activity.SearchResultActivity

com.soku.searchsdk.activity.SearchActivity

com.soku.searchsdk.activity.PersonDirectMoreActivity

com.soku.searchsdk.activity.BigWordDirectMoreActivity

com.soku.searchsdk.activity.ProgramBigWordMoreActivity

com.soku.searchsdk.webview.SokuWebViewActivity

com.alimama.mobile.sdk.shell.TaeLoginWebView

Services

com.alimama.mobile.sdk.shell.DownloadingService

com.taobao.munion.plugin.cm

com.taobao.newxp.view.UMDetail

Activities

com.taobao.tae.sdk.ui.TradeWebViewActivity

Permissions

Services

com.example.bizplugin

Android Permissions

eff451abbbfbc7be19472875c99bfbd2_JaffaCakes118