fc9ecf54d2ecefe9310eff7198be7a50_JaffaCakes118

General

Target

fc9ecf54d2ecefe9310eff7198be7a50_JaffaCakes118
Size

20.0MB
MD5

fc9ecf54d2ecefe9310eff7198be7a50
SHA1

d873f0b18073b4c1e7553b20ed789df5be9f1080
SHA256

9f734c87b18f4a8424207a3bfcc0f4c60e3e0cee7d8856af2f7caaddb918322c
SHA512

47c49231af02d8bf02e83519bd94a6be9b3d52beedcaacd4ddbebf254f5c9acd0659ebf8edd02f1f92b898bc257d8a7dc6dd036536932214940e9c8b3a630ef6
SSDEEP

393216:AK6hFyRM1YefuDI8JMExeRvQ22hGJTtaHnqZg/WhfKghR7Tza4osOIhY+jkDZIup:u4M5SIWMbCGJxPZg/oifI6BHzcG

Score

6^/10

upx

Malware Config

Signatures

Requests dangerous framework permissions 15 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

fc9ecf54d2ecefe9310eff7198be7a50_JaffaCakes118
.apk android arch:arm

com.project.cjfx.mi

qyg.project.ttfx.FirstActivity

Activities

cn.cmgame.billing.api.GameOpenActivity

android.intent.action.CHINAMOBILE_OMS_GAME

cn.cmgame2_0.launch_model.shortcut.main.MiguHomeActivity

android.intent.action.MAIN

qyg.project.ttfx.FirstActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SEND_SMS
android.permission.READ_PHONE_STATE
android.permission.READ_CONTACTS
android.permission.ACCESS_FINAL_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.GET_TASKS
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_WIFI_STATE
android.permission.GET_TASKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.INSTALL_SHORTCUT

Receivers

com.unicom.xiaowo.SecurityReceiver

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
com.unicom.xiaowo.security.RECEIVER_CMD

com.msdfl.qxgdz.vgrbg.pv.pv.qf.c

android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE

Services
unicom_channel_resource.dat
.apk android

com.xiaowo.resourcepro
unicom_resource.dat
.apk android

com.unicom.resourcepro

Android Permissions

fc9ecf54d2ecefe9310eff7198be7a50_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.SEND_SMS

android.permission.READ_PHONE_STATE

android.permission.READ_CONTACTS

android.permission.ACCESS_FINAL_LOCATION

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.BLUETOOTH

android.permission.BLUETOOTH_ADMIN

android.permission.GET_TASKS

android.permission.RECEIVE_SMS

android.permission.READ_SMS

android.permission.CHANGE_NETWORK_STATE

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.CHANGE_WIFI_STATE

android.permission.GET_TASKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.INSTALL_SHORTCUT

Sharing

General

Malware Config

Signatures

Files

com.project.cjfx.mi

qyg.project.ttfx.FirstActivity

Activities

cn.cmgame.billing.api.GameOpenActivity

cn.cmgame2_0.launch_model.shortcut.main.MiguHomeActivity

qyg.project.ttfx.FirstActivity

Permissions

Receivers

com.unicom.xiaowo.SecurityReceiver

com.msdfl.qxgdz.vgrbg.pv.pv.qf.c

Services

com.xiaowo.resourcepro

com.unicom.resourcepro

Android Permissions

fc9ecf54d2ecefe9310eff7198be7a50_JaffaCakes118