02224efca03721019cab4ec50dfe8fd7_JaffaCakes118

General

Target

02224efca03721019cab4ec50dfe8fd7_JaffaCakes118
Size

5.0MB
MD5

02224efca03721019cab4ec50dfe8fd7
SHA1

012026915a02b750cbb95631e64ad7de1048deab
SHA256

f5bef8c8f7a815b26dd9834ff006e03e7da001acb3312e23deb964d7d0792518
SHA512

b50b582ecf6bb78975cb978f961b81b46014899084bd16c4c73345d092581b37d82e62b30a678571e3e32a4a13c1064632b2864c517049d0c3ac02ff2f822a8d
SSDEEP

98304:Dw3LWQeHdKUBsLksU1lMDxcFYIxAOkVQJilHJs0SjHNmEVJn47mM93gseQczIG0X:U7WQXUBsLk4xc+IxO1JsLLN/q7X3gXzA

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 20 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

02224efca03721019cab4ec50dfe8fd7_JaffaCakes118
.apk android arch:arm arch:x86

com.xs.cn

com.xs.cn.activitys.LoadingActivity

Activities

com.xs.cn.activitys.LoadingActivity

android.intent.action.MAIN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.xs.cn.activitys.Novel_sbxxy

com.xs.cn.android

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.WAKE_LOCK
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.CAMERA
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_LOGS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RESTART_PACKAGES
android.permission.INTERNET
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CALL_PHONE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.WRITE_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.GET_TASKS

Receivers

e.r.t.AdReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_INSTALL

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.xs.cn.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

mm.yp.purchasesdk.sms.SMSReceiver

aspire.iap.SMS_SEND_ACTIOIN
aspire.iap.SMS_DELIVERED_ACTION

net.sourceforge.simcpux.AppRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

Services

com.umeng.message.UmengService

com.xs.cn.intent.action.START
com.xs.cn.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2

Android Permissions

02224efca03721019cab4ec50dfe8fd7_JaffaCakes118

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.READ_PHONE_STATE

android.permission.SEND_SMS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.WAKE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_COARSE_LOCATION

android.permission.READ_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.permission.VIBRATE

android.permission.GET_TASKS

android.permission.CAMERA

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.GET_TASKS

com.android.launcher.permission.INSTALL_SHORTCUT

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_LOGS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_PHONE_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RESTART_PACKAGES

android.permission.INTERNET

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CALL_PHONE

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.WRITE_SMS

Sharing

General

Malware Config

Signatures

Files

com.xs.cn

com.xs.cn.activitys.LoadingActivity

Activities

com.xs.cn.activitys.LoadingActivity

com.xs.cn.activitys.Novel_sbxxy

com.tencent.tauth.AuthActivity

Permissions

Receivers

e.r.t.AdReceiver

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

mm.yp.purchasesdk.sms.SMSReceiver

net.sourceforge.simcpux.AppRegister

Services

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

Android Permissions

02224efca03721019cab4ec50dfe8fd7_JaffaCakes118