f5c221cb712c8e1d2343aa1b463da609_JaffaCakes118

General

Target

f5c221cb712c8e1d2343aa1b463da609_JaffaCakes118
Size

11.8MB
MD5

f5c221cb712c8e1d2343aa1b463da609
SHA1

9490a7599d3eef2f27b130c5bc9e445d0a179080
SHA256

c29c8c9050e04506b4fb1b6272fc64e69785b9678bc5121af739eac67b55e261
SHA512

973ec7545f52e9952f3b284d2e59331f75973c5dd685ac05dbf298b51400d79d3ee41235bab5ecfd9f8994ac8e2889c6a5f1b750e8a2e9a2042cc8b944456efe
SSDEEP

196608:CTKPR7FqvnKC8jYf13NRcr4hcFvHmfj6sxoE5V8MJSsvbGsJOtr6xs6:CwAfB8jYf19RuecFeGsxh8MJhz02xl

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 12 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES

Files

f5c221cb712c8e1d2343aa1b463da609_JaffaCakes118
.apk android arch:arm64 arch:arm arch:x86 arch:x64

com.fingercleaner.booster

com.strong.sorrow.Start

Activities

com.iobit.amccleaner.booster.booster.ui.shortcut.BoosterShortCutActivity

com.android.action.jump
android.intent.action.CREATE_SHORTCUT

com.iobit.amccleaner.booster.booster.ui.gamebooster.ui.GameBoosterGameListActivity

com.android.action.jump
android.intent.action.CREATE_SHORTCUT

com.strong.sorrow.Start

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.PACKAGE_USAGE_STATS
android.permission.GET_PACKAGE_SIZE
android.permission.READ_PHONE_STATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.yulong.android.launcherL.permission.READ_SETTINGS
com.meizu.flyme.launcher.permission.READ_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.qiku.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.zte.mifavor.launcher.permission.READ_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
com.google.android.launcher.permission.READ_SETTINGS
com.yulong.android.launcher3.READ_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adw.launcher_donut.permission.READ_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.tencent.qqlauncher.permission.READ_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.ebproductions.android.launcher.permission.READ_SETTINGS
com.nd.android.launcher.permission.READ_SETTINGS
com.yulong.android.launcher.permission.READ_SETTINGS
com.android.mylauncher.permission.READ_SETTINGS
com.ztemt.launcher.permission.READ_SETTINGS
cn.nubia.launcher.permission.READ_SETTINGS
com.google.android.apps.nexuslauncher.permission.READ_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.WAKE_LOCK
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.VIBRATE
android.permission.REQUEST_INSTALL_PACKAGES
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.google.android.c2dm.permission.RECEIVE
com.iobit.amccleaner.booster.permission.C2D_MESSAGE

Receivers

com.iobit.amccleaner.booster.booster.widget.BoosterLongWidget

android.appwidget.action.APPWIDGET_UPDATE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.darkmagic.android.framework.receiver.ApkReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.darkmagic.android.framework.receiver.StateReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_MOUNTED
android.intent.action.BATTERY_CHANGED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.ACTION_POWER_CONNECTED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.ANY_DATA_STATE
android.intent.action.USER_PRESENT
android.net.wifi.WIFI_STATE_CHANGED
android.net.wifi.STATE_CHANGE
android.bluetooth.adapter.action.CONNECTION_STATE_CHANGED
android.bluetooth.adapter.action.STATE_CHANGED

Services

com.iobit.amccleaner.booster.booster.utils.cpucooler.accessibility.BoosterAccessibilityService

android.accessibilityservice.AccessibilityService

com.iobit.amccleaner.booster.booster.widget.service.BoosterWidgetService

com.iobit.cleaner.action.WIDGET_MEM_CLEAR
com.iobit.cleaner.action.WIDGET_MEM_AUTO_CHECK

com.iobit.amccleaner.booster.base.firebase.messaging.FCMService

com.google.firebase.MESSAGING_EVENT

com.iobit.amccleaner.booster.base.firebase.messaging.FCMInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

com.ss.android.socialbase.downloader.remote

Android Permissions

f5c221cb712c8e1d2343aa1b463da609_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.PACKAGE_USAGE_STATS

android.permission.GET_PACKAGE_SIZE

android.permission.READ_PHONE_STATE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.SYSTEM_OVERLAY_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.yulong.android.launcherL.permission.READ_SETTINGS

com.meizu.flyme.launcher.permission.READ_SETTINGS

com.bbk.launcher2.permission.READ_SETTINGS

com.oppo.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.qiku.launcher.permission.READ_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.zte.mifavor.launcher.permission.READ_SETTINGS

com.lenovo.launcher.permission.READ_SETTINGS

com.google.android.launcher.permission.READ_SETTINGS

com.yulong.android.launcher3.READ_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adw.launcher_donut.permission.READ_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.sec.android.app.twlauncher.settings.READ_SETTINGS

com.tencent.qqlauncher.permission.READ_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.ebproductions.android.launcher.permission.READ_SETTINGS

com.nd.android.launcher.permission.READ_SETTINGS

com.yulong.android.launcher.permission.READ_SETTINGS

com.android.mylauncher.permission.READ_SETTINGS

com.ztemt.launcher.permission.READ_SETTINGS

cn.nubia.launcher.permission.READ_SETTINGS

com.google.android.apps.nexuslauncher.permission.READ_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.ACCESS_NOTIFICATION_POLICY

Sharing

General

Malware Config

Signatures

Files

com.fingercleaner.booster

com.strong.sorrow.Start

Activities

com.iobit.amccleaner.booster.booster.ui.shortcut.BoosterShortCutActivity

com.iobit.amccleaner.booster.booster.ui.gamebooster.ui.GameBoosterGameListActivity

com.strong.sorrow.Start

Permissions

Receivers

com.iobit.amccleaner.booster.booster.widget.BoosterLongWidget

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.darkmagic.android.framework.receiver.ApkReceiver

com.darkmagic.android.framework.receiver.StateReceiver

Services

com.iobit.amccleaner.booster.booster.utils.cpucooler.accessibility.BoosterAccessibilityService

com.iobit.amccleaner.booster.booster.widget.service.BoosterWidgetService

com.iobit.amccleaner.booster.base.firebase.messaging.FCMService

com.iobit.amccleaner.booster.base.firebase.messaging.FCMInstanceIdService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.ss.android.socialbase.downloader.downloader.IndependentProcessDownloadService

Android Permissions

f5c221cb712c8e1d2343aa1b463da609_JaffaCakes118