fb85e7ad50ed957529b83e7df0f34837_JaffaCakes118

General

Target

fb85e7ad50ed957529b83e7df0f34837_JaffaCakes118
Size

7.0MB
MD5

fb85e7ad50ed957529b83e7df0f34837
SHA1

726a45e8f62991b4dc6d27352b2a668db3e5018c
SHA256

fbdc850a1650de139bc95653b8a335152d177f0493e3e21543bbe971e8e260b6
SHA512

c2cdbc06caf3b9bad0ffe12205a2e04eb0b747c6f2709f8f99bd2d4177116cd43e75c3e5d4b452642254bc0d291aeefb95b7292f48a0c8d070f4f6e5a20db996
SSDEEP

196608:FUFd9dlgGSvQLnLlqVDaEwlJqQ7viRwSKKOtz+TjYgeDzZ1:UndlIOnllJ17viRwSL7cdzZ1

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Files

fb85e7ad50ed957529b83e7df0f34837_JaffaCakes118
.apk android arch:arm

com.qihoo.haosou

com.qihoo.haosou.activity.SplashActivity

Activities

com.qihoo.haosou.activity.SplashActivity

android.intent.action.MAIN

com.qihoo.haosou.activity.BrowserActivity

android.intent.action.MAIN
com.qihoo.haosou.pushservice
android.intent.action.VIEW
android.intent.action.VIEW
android.speech.action.WEB_SEARCH
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.qihoo.haosou.activity.SettingsActivity

com.qihoo.haosou.setting

com.qihoo.haosou.activity.SettingMultiModeActivity

com.qihoo.haosou.settingMultiMode

com.qihoo.haosou.activity.MsgInfoActivity

com.qihoo.haosou.setting.MsgInfo

com.qihoo.haosou.activity.SpeechActivity

android.intent.action.CREATE_SHORTCUT
com.qihoo.haosou.speech
android.intent.action.VIEW

com.qihoo.haosou.activity.QuickSearchActivity

com.qihoo.haosou.quicksearch
android.intent.action.ASSIST

com.qihoo.mobile.xuebahelp.CameraPickActivity

android.intent.action.VIEW

.activity.WebViewActivity

com.qihoo.haosou.activity.WebViewActivity

.activity.WebViewShakeActivity

com.qihoo.haosou.activity.WebViewShakeActivity

com.qihoo.plugin.core.ProxyActivityAlone

com.qihoo.haosou.plugin.FILTER

com.qihoo.plugin.core.PortraitProxyActivityAlone

com.qihoo.haosou.plugin.FILTER

com.qihoo.plugin.core.LandscapeProxyActivityAlone

com.qihoo.haosou.plugin.FILTER

com.qihoo.plugin.core.BridgingActivity

com.qihoo.haosou.plugin.FILTER

com.qihoo.plugin.core.BridgingActivityAlone

com.qihoo.haosou.plugin.FILTER

com.qihoo.haosou.plugin.base.PluginActionViewActivity

cn.qihoo.msearch.safebarcode.preview

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.qihoo.haosou.sharecore.ShareActivity

com.sina.weibo.sdk.action.ACTION_SDK_RESP_ACTIVITY

Permissions

com.qihoo.antivirus.update.permission.haosou_app
android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_GPS
android.permission.ACCESS_ASSISTED_GPS
android.permission.ACCESS_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_CONFIGURATION
android.permission.GET_TASKS
android.permission.READ_CONTACTS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECORD_AUDIO
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher2.permission.WRITE_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.sec.android.app.twlauncher.WRITE_SETTINGS
com.sec.android.app.twlauncher.READ_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
com.gau.go.launcherex.permission.READ_SETTINGS
com.gau.go.launcherex.permission.WRITE_SETTINGS
com.qihoo360.home.permission.WRITE_SETTINGS
com.qihoo360.home.permission.READ_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
com.nd.android.launcher.permission.READ_SETTINGS
com.nd.android.launcher.permission.WRITE_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
android.permission.WAKE_LOCK
android.permission.SET_WALLPAPER
android.permission.VIBRATE
android.permission.DISABLE_KEYGUARD
android.permission.CALL_PHONE
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.BROADCAST_STICKY
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
android.permission.EXPAND_STATUS_BAR

Receivers

com.qihoo.haosou.jump.UpdateLocalInfoReceiver

android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED

com.qihoo.haosou.broadcast.PushReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT
android.intent.action.ANY_DATA_STATE
com.qihoo.haosou.floatwin.history
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_ADDED

com.qihoo.haosou.plugin.PluginsNotifyBroadcastReceiver

action_for_plugins_updated

Services

com.qihoo.haosou.service.mutex.MutexModuleService

com.qihoo.haosou.mutex.action.PROCESS

com.qihoo.haosou.service.GuardService

com.qihoo.haosou.QihooAlliance

com.qihoo.haosou.sharecore.ShareService

com.qihoo.haosou.sharecore.ShareService
qihoo_plugin_novel.apk
.apk android

cn.qihoo.reader

cn.qihoo.reader.activity.NovelMainActivity

Activities

cn.qihoo.reader.activity.NovelDetailActivity

android.intent.action.VIEW

cn.qihoo.reader.activity.NovelListActivity

android.intent.action.VIEW

cn.qihoo.reader.activity.ShelfActivity

android.intent.action.VIEW

cn.qihoo.reader.activity.NovelMainActivity

android.intent.action.VIEW
android.intent.action.MAIN

cn.qihoo.reader.activity.ReaderActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
qihoo_plugin_safebarcode.apk
.apk android

com.qihoo360.saoma

com.qihoo360.plugins.barcode.a.PreviewActivity

Activities

com.qihoo360.plugins.barcode.a.PreviewActivity

cn.qihoo.msearch.safebarcode.preview

Permissions

android.permission.CAMERA
android.permission.INTERNET
android.permission.FLASHLIGHT

Receivers

com.qihoo360.plugins.barcode.c.BarcodeReceiver

com.qihoo360.barcode.ACTION

Android Permissions

fb85e7ad50ed957529b83e7df0f34837_JaffaCakes118

Permissions

com.qihoo.antivirus.update.permission.haosou_app

android.permission.BIND_ACCESSIBILITY_SERVICE

android.permission.INTERACT_ACROSS_USERS_FULL

android.permission.INTERNET

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_GPS

android.permission.ACCESS_ASSISTED_GPS

android.permission.ACCESS_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_CONFIGURATION

android.permission.GET_TASKS

android.permission.READ_CONTACTS

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.RECORD_AUDIO

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher2.permission.WRITE_SETTINGS

com.htc.launcher.permission.WRITE_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.sec.android.app.twlauncher.WRITE_SETTINGS

com.sec.android.app.twlauncher.READ_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

com.gau.go.launcherex.permission.READ_SETTINGS

com.gau.go.launcherex.permission.WRITE_SETTINGS

com.qihoo360.home.permission.WRITE_SETTINGS

com.qihoo360.home.permission.READ_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.WRITE_SETTINGS

com.anddoes.launcher.permission.READ_SETTINGS

com.anddoes.launcher.permission.WRITE_SETTINGS

com.lenovo.launcher.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.qihoo.haosou

com.qihoo.haosou.activity.SplashActivity

Activities

com.qihoo.haosou.activity.SplashActivity

com.qihoo.haosou.activity.BrowserActivity

com.qihoo.haosou.activity.SettingsActivity

com.qihoo.haosou.activity.SettingMultiModeActivity

com.qihoo.haosou.activity.MsgInfoActivity

com.qihoo.haosou.activity.SpeechActivity

com.qihoo.haosou.activity.QuickSearchActivity

com.qihoo.mobile.xuebahelp.CameraPickActivity

.activity.WebViewActivity

.activity.WebViewShakeActivity

com.qihoo.plugin.core.ProxyActivityAlone

com.qihoo.plugin.core.PortraitProxyActivityAlone

com.qihoo.plugin.core.LandscapeProxyActivityAlone

com.qihoo.plugin.core.BridgingActivity

com.qihoo.plugin.core.BridgingActivityAlone

com.qihoo.haosou.plugin.base.PluginActionViewActivity

com.tencent.tauth.AuthActivity

com.qihoo.haosou.sharecore.ShareActivity

Permissions

Receivers

com.qihoo.haosou.jump.UpdateLocalInfoReceiver

com.qihoo.haosou.broadcast.PushReceiver

com.qihoo.haosou.plugin.PluginsNotifyBroadcastReceiver

Services

com.qihoo.haosou.service.mutex.MutexModuleService

com.qihoo.haosou.service.GuardService

com.qihoo.haosou.sharecore.ShareService

cn.qihoo.reader

cn.qihoo.reader.activity.NovelMainActivity

Activities

cn.qihoo.reader.activity.NovelDetailActivity

cn.qihoo.reader.activity.NovelListActivity

cn.qihoo.reader.activity.ShelfActivity

cn.qihoo.reader.activity.NovelMainActivity

cn.qihoo.reader.activity.ReaderActivity

Permissions

com.qihoo360.saoma

com.qihoo360.plugins.barcode.a.PreviewActivity

Activities

com.qihoo360.plugins.barcode.a.PreviewActivity

Permissions

Receivers

com.qihoo360.plugins.barcode.c.BarcodeReceiver

Android Permissions

fb85e7ad50ed957529b83e7df0f34837_JaffaCakes118