com.tencent.tauth.AuthActivity
android.intent.action.VIEW
io.dcloud.H59F733B4.view.SplashActivity
android.intent.action.MAIN
General
-
Target
fed12334dafaafb2d596b91d59cf627d_JaffaCakes118
-
Size
20.2MB
-
MD5
fed12334dafaafb2d596b91d59cf627d
-
SHA1
fe7e68bbf073c94faee341e180cdeae3a32d61eb
-
SHA256
540493231ac697a049336713072742c777be3154d2aeb31ac1393c25b91e5244
-
SHA512
4424d08eeb20722392b16d4ee7db7596456183942a02dc9e52d20f69d5c43ada57075822500ae62fe71fca31b3a4cf0f4a150f95a63aaa932c98c77398ab8d2a
-
SSDEEP
393216:MSwn7sLUuTqpdRMTpWIEW0WUraMCkgKadQONX5uCeCkgKadQONXqjQlOJC/YX4:hT3upodWItWhCoONQ3CoON63JzX4
Score
8/10
Malware Config
Signatures
-
Patched UPX-packed file 2 IoCs
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
Requests dangerous framework permissions 10 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
fed12334dafaafb2d596b91d59cf627d_JaffaCakes118
io.dcloud.H59F733B4
io.dcloud.H59F733B4.view.SplashActivity
Android Permissions
fed12334dafaafb2d596b91d59cf627d_JaffaCakes118
Permissions
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CALL_PHONE
android.permission.CAMERA
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.SYSTEM_ALERT_WINDOW
getui.permission.GetuiService.io.dcloud.H59F733B4
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CHANGE_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE