f5aa55ea6c39f42c7c924d37de8de072_JaffaCakes118

General

Target

f5aa55ea6c39f42c7c924d37de8de072_JaffaCakes118
Size

6.3MB
MD5

f5aa55ea6c39f42c7c924d37de8de072
SHA1

432810c04d564f1bc933a698fd56b2882a8b51bf
SHA256

a9af75cfd748757fc7ae6f7038bc9f12719a7c79efc4c9173aa564191c3823be
SHA512

2dd03274f07f05661d229bc9ccce1e0d488499c7f21e70e90feaddeeb2b6b307647958e24d5d2fd71c617bbcbde24bcbdcc3e2b0b017b91a4d5f2f64c8add4c4
SSDEEP

196608:hNYusEqBbb0uMK7KIGT5wIsb6+Wmc6x1lvJF:hNjqPFfGlz26NmcA1lX

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

Files

f5aa55ea6c39f42c7c924d37de8de072_JaffaCakes118
.apk android

luo.gpsspeed_pro

luo.gpsspeed.Splash

Activities

luo.gpsspeed.Splash

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
com.google.android.providers.gsf.permission.READ_GSERVICES
com.android.vending.CHECK_LICENSE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_FINE_LOCATION
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher2.permission.INSTALL_SHORTCUT
com.android.launcher3.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher2.permission.UNINSTALL_SHORTCUT
com.android.launcher3.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_TASKS
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
com.google.android.gms.permission.ACTIVITY_RECOGNITION
android.permission.VIBRATE
android.permission.CAMERA
com.google.android.c2dm.permission.RECEIVE
luo.gpsspeed_pro.permission.C2D_MESSAGE

Receivers

anagog.pd.service.StartOnBoot

android.intent.action.BOOT_COMPLETED

anagog.pd.service.StartOnUser

android.intent.action.USER_PRESENT

com.ticlock.BootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.ACTION_POWER_CONNECTED

com.ticlock.PackageInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

com.ticlock.AddJobCreatorReceiver

com.ticlock.com.evernote.android.job.ADD_JOB_CREATOR

com.ticlock.com.evernote.android.job.v14.PlatformAlarmReceiver

com.ticlock.com.evernote.android.job.v14.RUN_JOB
net.vrallev.android.job.v14.RUN_JOB

com.ticlock.com.evernote.android.job.JobBootReceiver

android.intent.action.BOOT_COMPLETED

Services

luo.floatingwindow.AppDetectionService

android.accessibilityservice.AccessibilityService

anagog.pd.service.MobilityService

anagog.pd.service.MobilityService
anagog.pd.service.GET_STATUS_STRING

com.ticlock.com.evernote.android.job.gcm.PlatformGcmService

com.google.android.gms.gcm.ACTION_TASK_READY

Android Permissions

f5aa55ea6c39f42c7c924d37de8de072_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

com.google.android.providers.gsf.permission.READ_GSERVICES

com.android.vending.CHECK_LICENSE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_FINE_LOCATION

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher2.permission.INSTALL_SHORTCUT

com.android.launcher3.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher2.permission.UNINSTALL_SHORTCUT

com.android.launcher3.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_TASKS

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

com.google.android.gms.permission.ACTIVITY_RECOGNITION

android.permission.VIBRATE

android.permission.CAMERA

com.google.android.c2dm.permission.RECEIVE

luo.gpsspeed_pro.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

luo.gpsspeed_pro

luo.gpsspeed.Splash

Activities

luo.gpsspeed.Splash

Permissions

Receivers

anagog.pd.service.StartOnBoot

anagog.pd.service.StartOnUser

com.ticlock.BootUpReceiver

com.ticlock.PackageInstallReceiver

com.ticlock.AddJobCreatorReceiver

com.ticlock.com.evernote.android.job.v14.PlatformAlarmReceiver

com.ticlock.com.evernote.android.job.JobBootReceiver

Services

luo.floatingwindow.AppDetectionService

anagog.pd.service.MobilityService

com.ticlock.com.evernote.android.job.gcm.PlatformGcmService

Android Permissions

f5aa55ea6c39f42c7c924d37de8de072_JaffaCakes118