fb8f31e958687a3cc01426b45f1fe70e_JaffaCakes118

General

Target

fb8f31e958687a3cc01426b45f1fe70e_JaffaCakes118
Size

10.3MB
MD5

fb8f31e958687a3cc01426b45f1fe70e
SHA1

a0cb6f8db00968e7c4e62ba296e669120cc3b8a7
SHA256

bad658ccd6e0d90e15cd77136f8a20d389a61f6e712a3544434860d89a0cb9ec
SHA512

24ef3f4efe6e2d0ac5cb6034a60762845a964bb684aa6d4ca8884f7b63fb6ff8d0188706cf2d8c8213cae4c92a48c2e253062a2e24619128a64ecc5adf087cf6
SSDEEP

196608:lkaJru+UvpZNEvBpVVBKVXuJtmqfApJZUpreQpqwXbLGUbqHQ2R9qeQvr+:lkgo9E5p7IBouJuVeQp5LLlbqH6eQT+

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 25 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

fb8f31e958687a3cc01426b45f1fe70e_JaffaCakes118
.apk android arch:arm

com.zyht.customer.zy

com.qihoo.util.StartActivity

Activities

com.zyht.customer.hisence.ApiManagerActivity

customer.intent.action.defind.INTERFACE

com.zyht.customer.main.MainActivity

android.intent.action.MAIN
com.pay.action.index

com.qihoo.util.StartActivity

android.intent.action.MAIN

com.zyht.customer.tools.flightticket.FTDeviceActivity

com.pay.action.device

com.one.nine.pay.plug.PayService

android.intent.action.MAIN

Permissions

android.permission.SYSTEM_ALERT_WINDOW
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.HI98_PED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.DISABLE_KEYGUARD
android.permission.INTERNET
android.permission.VIBRATE
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.GET_ACCOUNTS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.RECORD_AUDIO
android.permission.RECORD_VIDEO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.READ_PHONE_STATE
android.permission.VIBRATE
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE
android.permission.CAMERA
android.permission.ARQ_EMV_COMMON
android.permission.ARQ_EMV_FILE
android.permission.ARQ_EMV_LIB
android.permission.ARQ_KEY
android.permission.ARQ_MAGC
android.permission.ARQ_LCD
android.permission.ARQ_ICC
android.permission.ARQ_SECURITY
android.permission.ARQ_MISC
android.permission.ARQ_FILEOPS
android.permission.ARQ_ENCRYPTION
android.permission.ARQ_KEYREL
android.permission.ARQ_PRINTER
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
com.pos.permission.ACCESSORY_DATETIME
com.pos.permission.ACCESSORY_LED
com.pos.permission.ACCESSORY_BEEP
com.pos.permission.ACCESSORY_RFREGISTER
com.pos.permission.CARD_READER_ICC
com.pos.permission.CARD_READER_PICC
com.pos.permission.CARD_READER_MAG
com.pos.permission.COMMUNICATION
com.pos.permission.PRINTER
com.pos.permission.SECURITY
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.VIBRATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_SETTINGS
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CALL_PHONE
com.android.launcher.permission.READ_SETTINGS
android.permission.WAKE_LOCK
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_LOGS
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.zyht.customer.hisence.HSPayReceiver

com.hisense.pos.xwpos.actions.ACTION_HSZY_PAY_REQUEST

Services

com.jhl.jhlblueconn.BluetoothConnController

SEND_MSG_FROM_BT_ACTION
CONNECT_REQUEST_ACTION
DISCONNECT_REQUEST_ACTION
START_MONITOR_ACTION

Android Permissions

fb8f31e958687a3cc01426b45f1fe70e_JaffaCakes118

Permissions

android.permission.SYSTEM_ALERT_WINDOW

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.HI98_PED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.DISABLE_KEYGUARD

android.permission.INTERNET

android.permission.VIBRATE

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.GET_ACCOUNTS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.RECORD_AUDIO

android.permission.RECORD_VIDEO

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.READ_PHONE_STATE

android.permission.VIBRATE

android.permission.CAMERA

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.VIBRATE

android.permission.CAMERA

android.permission.ARQ_EMV_COMMON

android.permission.ARQ_EMV_FILE

android.permission.ARQ_EMV_LIB

android.permission.ARQ_KEY

android.permission.ARQ_MAGC

android.permission.ARQ_LCD

android.permission.ARQ_ICC

android.permission.ARQ_SECURITY

android.permission.ARQ_MISC

android.permission.ARQ_FILEOPS

android.permission.ARQ_ENCRYPTION

android.permission.ARQ_KEYREL

android.permission.ARQ_PRINTER

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

com.pos.permission.ACCESSORY_DATETIME

com.pos.permission.ACCESSORY_LED

com.pos.permission.ACCESSORY_BEEP

com.pos.permission.ACCESSORY_RFREGISTER

Sharing

General

Malware Config

Signatures

Files

com.zyht.customer.zy

com.qihoo.util.StartActivity

Activities

com.zyht.customer.hisence.ApiManagerActivity

com.zyht.customer.main.MainActivity

com.qihoo.util.StartActivity

com.zyht.customer.tools.flightticket.FTDeviceActivity

com.one.nine.pay.plug.PayService

Permissions

Receivers

com.zyht.customer.hisence.HSPayReceiver

Services

com.jhl.jhlblueconn.BluetoothConnController

Android Permissions

fb8f31e958687a3cc01426b45f1fe70e_JaffaCakes118