2f4bbc6d07c79ba80b7f2d588b585149_JaffaCakes118

General

Target

2f4bbc6d07c79ba80b7f2d588b585149_JaffaCakes118
Size

2.1MB
MD5

2f4bbc6d07c79ba80b7f2d588b585149
SHA1

f94cd95a9de5c4d36446c5159c3f9b72f775adaa
SHA256

9279160ddde568e031ddfa05857bb3e07c33038633a5d096d02f36dcf8fee56d
SHA512

49b9aebb019f1343d5ac1a1cf6c87e7dd2ca67834590cb024594e26f80c473c6bf0c394c52296fdc02aeb7bb74344b26aeabec3f1e5d6d89db301905ddfbf48b
SSDEEP

49152:USQLxf6SHzS3H9eer/e02ezk/e75i/WW2vKpe:US66i+9eo/3zCe75IP2vKs

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS

Files

2f4bbc6d07c79ba80b7f2d588b585149_JaffaCakes118
.apk android arch:arm

com.lionmobi.powerclean

vn.adflex.sdk.AdFlexSDKActivity

Activities

com.lionmobi.powerclean.activity.SplashActivity

android.intent.action.MAIN

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.AnimationActivity

android.intent.action.MAIN

vn.adflex.sdk.AdFlexSDKActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.RESTART_PACKAGES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_PACKAGE_SIZE
android.permission.GET_TASKS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CLEAR_APP_CACHE
android.permission.FLASHLIGHT
android.permission.VIBRATE
com.android.launcher.permission.READ_SETTINGS
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.EXPAND_STATUS_BAR
android.permission.READ_PHONE_STATE
android.permission.PACKAGE_USAGE_STATS
android.permission.GET_ACCOUNTS
android.permission.WAKE_LOCK
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.INSTALL_SHORTCUT

Receivers

com.lionmobi.powerclean.view.OneBoostWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.lionmobi.powerclean.widget.click

com.lionmobi.powerclean.widget.SpeedyWidgetProvider

android.appwidget.action.APPWIDGET_UPDATE
com.lionmobi.powerclean.widget.click

com.lionmobi.powerclean.broadcast.NotifiCanceReceiver

notif_cancelled

com.lionmobi.powerclean.broadcast.InstallRefererReceiver

com.android.vending.INSTALL_REFERRER

com.lionmobi.powerclean.broadcast.ServiceMonitor

android.intent.action.USER_PRESENT

com.lionmobi.powerclean.broadcast.BootServiceReceiver

android.intent.action.BOOT_COMPLETED

com.lionmobi.powerclean.broadcast.UpdataBroadcastReceiver

android.intent.action.DOWNLOAD_COMPLETE

vn.adflex.sdk.AdFlexBootUpReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.PACKAGE_INSTALL
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_CHANGED
android.intent.action.PACKAGE_RESTARTED

Services

com.lionmobi.powerclean.service.NotificationMonitorService

android.service.notification.NotificationListenerService

com.lionmobi.powerclean.service.accessibility.PowerAccessibilityService

android.accessibilityservice.AccessibilityService

Android Permissions

2f4bbc6d07c79ba80b7f2d588b585149_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_LOGS

android.permission.RESTART_PACKAGES

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_PACKAGE_SIZE

android.permission.GET_TASKS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CLEAR_APP_CACHE

android.permission.FLASHLIGHT

android.permission.VIBRATE

com.android.launcher.permission.READ_SETTINGS

android.permission.CAMERA

com.android.browser.permission.READ_HISTORY_BOOKMARKS

com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.EXPAND_STATUS_BAR

android.permission.READ_PHONE_STATE

android.permission.PACKAGE_USAGE_STATS

android.permission.GET_ACCOUNTS

android.permission.WAKE_LOCK

com.android.launcher.permission.UNINSTALL_SHORTCUT

com.android.launcher.permission.INSTALL_SHORTCUT

Sharing

General

Malware Config

Signatures

Files

com.lionmobi.powerclean

vn.adflex.sdk.AdFlexSDKActivity

Activities

com.lionmobi.powerclean.activity.SplashActivity

com.lionmobi.powerclean.activity.WhiteListViewActivity

com.lionmobi.powerclean.activity.AnimationActivity

vn.adflex.sdk.AdFlexSDKActivity

Permissions

Receivers

com.lionmobi.powerclean.view.OneBoostWidgetProvider

com.lionmobi.powerclean.widget.SpeedyWidgetProvider

com.lionmobi.powerclean.broadcast.NotifiCanceReceiver

com.lionmobi.powerclean.broadcast.InstallRefererReceiver

com.lionmobi.powerclean.broadcast.ServiceMonitor

com.lionmobi.powerclean.broadcast.BootServiceReceiver

com.lionmobi.powerclean.broadcast.UpdataBroadcastReceiver

vn.adflex.sdk.AdFlexBootUpReceiver

Services

com.lionmobi.powerclean.service.NotificationMonitorService

com.lionmobi.powerclean.service.accessibility.PowerAccessibilityService

Android Permissions

2f4bbc6d07c79ba80b7f2d588b585149_JaffaCakes118