140f645d1bf27a85b073df505cfdff65_JaffaCakes118

General

Target

140f645d1bf27a85b073df505cfdff65_JaffaCakes118
Size

17.4MB
MD5

140f645d1bf27a85b073df505cfdff65
SHA1

df6b723f044c27cdfd9d60bb8b8277a2d23f9cfc
SHA256

f709533846256de08b986f0367fbf6e4a5a73b72532fee75ca212a9f371ad609
SHA512

15f52df567be1d298277ecaae6e713940c6b20af12ff60f545dfbcd9b583781e76baea0fda051b4f8d1f72d05d9a8bc6d6521a2a950f385dd11cd6b65a93fc08
SSDEEP

393216:DN2PDdb57Yb1Tvhpy/g1nAedaeRW0Et7LRRQOGQZldOGVS:Z2rXmphI/gdAedrRwLR2OGQZblVS

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards).	android.permission.BIND_INPUT_METHOD

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

140f645d1bf27a85b073df505cfdff65_JaffaCakes118
.apk android arch:arm

com.qisiemoji.inputmethod

com.qisi.ikeyboarduirestruct.NavigationActivity

Activities

com.qisi.ikeyboarduirestruct.NavigationActivity

android.intent.action.MAIN

com.qisi.ui.WebPageActivity

com.qisi.launch.webpage.from.external

com.qisi.share.MessageShareActivity

android.intent.action.PICK

com.qisi.ui.ThemeCreatorActivity

com.qisi.customtheme.newtheme

Permissions

android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.RECORD_AUDIO
com.android.vending.BILLING
android.permission.PACKAGE_USAGE_STATS
android.permission.ACCESS_NETWORK_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.GET_ACCOUNTS
android.permission.READ_CONTACTS
android.permission.READ_PROFILE
android.permission.READ_USER_DICTIONARY
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_USER_DICTIONARY
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
com.qisiemoji.inputmethod.permission.C2D_MESSAGE

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.qisi.widget.EmojiKeyboardWidget

android.appwidget.action.APPWIDGET_UPDATE

com.qisi.receiver.ThemeEmojiSoundAPKEnableReceiver

com.qisiemoji.inputmethod

com.qisi.receiver.ApkMonitorReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.xinmei365.fontsdk.receiver.FontPackChangeFontBroadcastReceiver

CHANGE_FONT_cNnogFgEw559ScbmyaoY

com.qisi.receiver.EmojiFontReceiver

android.intent.qisi.action.EMOJI_FONT_SETTING

com.qisi.receiver.InstallReceiver

com.android.vending.INSTALL_REFERRER

com.qisi.receiver.ConnectionChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

com.kika.pluto.filter.KoalaAppInstallReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED

com.qisi.datacollect.receiver.AgentReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

Services

com.android.inputmethod.latin.LatinIME

android.view.InputMethod

com.qisi.service.FcmInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.qisi.service.FcmService

com.google.firebase.MESSAGING_EVENT

com.qisi.service.FirebaseJobService

com.firebase.jobdispatcher.ACTION_EXECUTE

com.android.inputmethod.pinyin.PinyinDecoderService

com.qisi.inputmethod.pinyin.Decoder_Service

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.iid.FirebaseInstanceIdService

com.google.firebase.INSTANCE_ID_EVENT

com.firebase.jobdispatcher.GooglePlayReceiver

com.google.android.gms.gcm.ACTION_TASK_READY

Android Permissions

140f645d1bf27a85b073df505cfdff65_JaffaCakes118

Permissions

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.CAMERA

android.permission.FLASHLIGHT

android.permission.RECORD_AUDIO

com.android.vending.BILLING

android.permission.PACKAGE_USAGE_STATS

android.permission.ACCESS_NETWORK_STATE

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS

android.permission.READ_PROFILE

android.permission.READ_USER_DICTIONARY

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.VIBRATE

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_USER_DICTIONARY

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.SYSTEM_ALERT_WINDOW

com.google.android.c2dm.permission.RECEIVE

android.permission.WAKE_LOCK

com.qisiemoji.inputmethod.permission.C2D_MESSAGE

Sharing

General

Malware Config

Signatures

Files

com.qisiemoji.inputmethod

com.qisi.ikeyboarduirestruct.NavigationActivity

Activities

com.qisi.ikeyboarduirestruct.NavigationActivity

com.qisi.ui.WebPageActivity

com.qisi.share.MessageShareActivity

com.qisi.ui.ThemeCreatorActivity

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.qisi.widget.EmojiKeyboardWidget

com.qisi.receiver.ThemeEmojiSoundAPKEnableReceiver

com.qisi.receiver.ApkMonitorReceiver

com.xinmei365.fontsdk.receiver.FontPackChangeFontBroadcastReceiver

com.qisi.receiver.EmojiFontReceiver

com.qisi.receiver.InstallReceiver

com.qisi.receiver.ConnectionChangeReceiver

com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.kika.pluto.filter.KoalaAppInstallReceiver

com.qisi.datacollect.receiver.AgentReceiver

Services

com.android.inputmethod.latin.LatinIME

com.qisi.service.FcmInstanceIdService

com.qisi.service.FcmService

com.qisi.service.FirebaseJobService

com.android.inputmethod.pinyin.PinyinDecoderService

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.iid.FirebaseInstanceIdService

com.firebase.jobdispatcher.GooglePlayReceiver

Android Permissions

140f645d1bf27a85b073df505cfdff65_JaffaCakes118