2c5034a22790d138c6822a75f118a817_JaffaCakes118

General

Target

2c5034a22790d138c6822a75f118a817_JaffaCakes118
Size

16.8MB
MD5

2c5034a22790d138c6822a75f118a817
SHA1

b538288355608ba92c5f110181f4320c12531dc2
SHA256

d758c44b80f193d1fed7c060e0f54cfea0ecae1d860f570c46ca4272ee0ae048
SHA512

352060a1043f80d69d5f10ecce504562d9085fc3bbcab9ed911bcfb1a20c4f4ddeb99851202a681b3e0e8a15a606c391e5c0ae6dd7bce5fe6bd41e958592e8a1
SSDEEP

393216:jvAHW9oipzES1cNxqEcHuYHhvhsq5zVvDbawRaYyOWt+mHUS8Alz:jvAHqfpzES1EoCizViwJwHn8AF

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 8 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA

Files

2c5034a22790d138c6822a75f118a817_JaffaCakes118
.apk android arch:arm

tv.pps.mobile

.WelcomeActivity

Activities

.WelcomeActivity

android.intent.action.MAIN
android.intent.action.CREATE_SHORTCUT

.FrameActivity

android.intent.action.VIEW
tv.pps.mobile.action.VEDIOSNIFFER

tv.pps.module.player.video.PPSVideoPlayerActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

tv.pps.mobile.ipd.qrcode.CaptureActivity

tv.pps.mobile.ipd.qrcode.SCAN
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

.greentail.GreenTailActivity

tv.pps.mobile.action.greentail

.games.FlappyBirdSharedGameActivity

com.test.action.PLAYER

Permissions

com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.READ_SETTINGS
com.android.launcher2.permission.READ_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.huawei.launcher2.permission.READ_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.aspire.mm.permission.READ_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
android.permission.RECORD_AUDIO
android.permission.CHANGE_NETWORK_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.BROADCAST_STICKY
android.permission.SYSTEM_ALERT_WINDOW
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_MEDIA_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_COARSE_UPDATES
android.permission.ACCESS_FINE_LOCATION
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.WAKE_LOCK
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.CAMERA
android.permission.GET_TASKS
android.permission.SET_ACTIVITY_WATCHER
android.permission.READ_LOGS

Receivers

tv.pps.mobile.push.PushMessageReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

tv.pps.mobile.push.PushSystemReceiver

com.pps.cloudpush.action.DELAY
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

.gamecenter.AppStatusReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED

.widget.WidgetProvider

tv.pps.mobile.action.widget.click.intoapp
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.action.widget.click.currentimage
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.action.widget.click.preimage
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.action.widget.click.nextimage
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.action.widget.updateimage
tv.pps.mobile.action.widget.restartservice

.widget.SearchWidget

tv.pps.mobile.widget.SearchWidget.SOURCE
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.widget.SearchWidget.INPUT
android.appwidget.action.APPWIDGET_UPDATE
tv.pps.mobile.widget.SearchWidget.SEARCH
android.appwidget.action.APPWIDGET_UPDATE

com.baidu.android.moplus.MoPlusReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.moplus.action.START
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

com.baidu.android.defense.push.PushMsgReceiver

com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.MESSAGE

tv.pps.bi.receiver.BIReceiver

android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

Services
AlipayMSP206_PPS3_V3.5.4.0619.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECEIVE_USER_PRESENT
android.permission.VIBRATE
android.permission.CHANGE_NETWORK_STATE
com.alipay.notify.permission.PUSHSERVICE
com.alipay.android.permission.BOOT_COMPLETED
com.alipay.android.app.gphone.SHARE

Receivers

com.alipay.notify.BroadcastActionReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT
android.intent.action.PACKAGE_ADDED

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

com.alipay.notify.push.NotificationService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

com.alipay.notify.poll.config.ConfigService

Android Permissions

2c5034a22790d138c6822a75f118a817_JaffaCakes118

Permissions

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.READ_SETTINGS

com.android.launcher2.permission.READ_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.huawei.launcher2.permission.READ_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.android.launcher.permission.READ_SETTINGS

com.anddoes.launcher.permission.READ_SETTINGS

com.htc.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.aspire.mm.permission.READ_SETTINGS

com.bbk.launcher2.permission.READ_SETTINGS

android.permission.RECORD_AUDIO

android.permission.CHANGE_NETWORK_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.BROADCAST_STICKY

android.permission.SYSTEM_ALERT_WINDOW

android.permission.DISABLE_KEYGUARD

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WRITE_MEDIA_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_COARSE_UPDATES

android.permission.ACCESS_FINE_LOCATION

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.WAKE_LOCK

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.CAMERA

android.permission.GET_TASKS

android.permission.SET_ACTIVITY_WATCHER

android.permission.READ_LOGS

Sharing

General

Malware Config

Signatures

Files

tv.pps.mobile

.WelcomeActivity

Activities

.WelcomeActivity

.FrameActivity

tv.pps.module.player.video.PPSVideoPlayerActivity

tv.pps.mobile.ipd.qrcode.CaptureActivity

.greentail.GreenTailActivity

.games.FlappyBirdSharedGameActivity

Permissions

Receivers

tv.pps.mobile.push.PushMessageReceiver

tv.pps.mobile.push.PushSystemReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

.gamecenter.AppStatusReceiver

.widget.WidgetProvider

.widget.SearchWidget

com.baidu.android.moplus.MoPlusReceiver

com.baidu.android.defense.push.PushMsgReceiver

tv.pps.bi.receiver.BIReceiver

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

com.alipay.notify.BroadcastActionReceiver

Services

.AlixService

com.alipay.notify.push.NotificationService

com.alipay.notify.poll.config.ConfigService

Android Permissions

2c5034a22790d138c6822a75f118a817_JaffaCakes118