f68d68376fa48246340ca34880713aa8_JaffaCakes118

General

Target

f68d68376fa48246340ca34880713aa8_JaffaCakes118
Size

8.4MB
MD5

f68d68376fa48246340ca34880713aa8
SHA1

780e86be9a1988f2d2d82ebb3b8274e5953748e5
SHA256

c3a46bbdc7bdab1b25e5618c3c19920e2e8d9ef7fe5e905d5863cc18a5cb024e
SHA512

7e765a19e9067a02a8b92d7e69a75864ecf36fe3c5da8d2bb502168032203e9d5dacb5504f02e3e7af1d044a141e85dbb659dd7586e2cff518ccb7b75f329ee3
SSDEEP

196608:VjNzpq7VRTWdmbVIjNq7DKgl+v6HKC4F2Po36ogPphgs:nzpq7VBWRxqXUrFF2Cps

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Files

f68d68376fa48246340ca34880713aa8_JaffaCakes118
.apk android arch:arm arch:mips arch:x86

pm.tap.vpn

pm.tap.vpn.activities.SplashScreen

Activities

pm.tap.vpn.activities.SplashScreen

android.intent.action.MAIN

pm.tap.vpn.api.GrantPermissionsActivity

android.intent.action.MAIN

pm.tap.vpn.api.ConfirmDialog

android.intent.action.MAIN

pm.tap.vpn.activities.ConfigConverter

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

pm.tap.vpn.LaunchVPN

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.READ_PROFILE
android.permission.GET_ACCOUNTS
com.android.vending.BILLING
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.WAKE_LOCK
com.google.android.gms.permission.ACTIVITY_RECOGNITION

Receivers

pm.tap.vpn.OnBootReceiver

android.intent.action.BOOT_COMPLETED

Services

pm.tap.vpn.core.OpenVpnService

android.net.VpnService

pm.tap.vpn.api.ExternalOpenVPNService

pm.tap.vpn.api.IOpenVPNAPIService

Android Permissions

f68d68376fa48246340ca34880713aa8_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.VIBRATE

android.permission.READ_PROFILE

android.permission.GET_ACCOUNTS

com.android.vending.BILLING

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.WAKE_LOCK

com.google.android.gms.permission.ACTIVITY_RECOGNITION

Sharing

General

Malware Config

Signatures

Files

pm.tap.vpn

pm.tap.vpn.activities.SplashScreen

Activities

pm.tap.vpn.activities.SplashScreen

pm.tap.vpn.api.GrantPermissionsActivity

pm.tap.vpn.api.ConfirmDialog

pm.tap.vpn.activities.ConfigConverter

pm.tap.vpn.LaunchVPN

Permissions

Receivers

pm.tap.vpn.OnBootReceiver

Services

pm.tap.vpn.core.OpenVpnService

pm.tap.vpn.api.ExternalOpenVPNService

Android Permissions

f68d68376fa48246340ca34880713aa8_JaffaCakes118