381ae3c457c5630e95ba3ae0e0beea42_JaffaCakes118

General

Target

381ae3c457c5630e95ba3ae0e0beea42_JaffaCakes118
Size

9.3MB
MD5

381ae3c457c5630e95ba3ae0e0beea42
SHA1

567feba2223480e7717df87b8e966acb21619d22
SHA256

475f6220b6a335b86f207fe8d6c31202ea1d7755ef0bf64bd46d490aa7475811
SHA512

152a5fe2103e95dd57f15231932b3b3b52c5028df3c814f00e685c2b82cbb74e97a3ad7d892ba62b59104b9147d133e73e4a33a708fbf15772d6551a48fd9bb0
SSDEEP

196608:3AMnWGVJBar3+XbnonCaeDCwlMA2Ua5wSy6RdnWy0/L5kjIdjpr:hnWkBc6boCrlMXUaGSy8u/Ldjpr

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 16 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA

Files

381ae3c457c5630e95ba3ae0e0beea42_JaffaCakes118
.apk android arch:arm

cn.eclicks.wzsearch

cn.eclicks.wzsearch.ui.StartPageActivity

Activities

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

cn.eclicks.wzsearch.ui.StartPageActivity

android.intent.action.MAIN
android.intent.action.VIEW

cn.eclicks.wzsearch.ui.CommonChelunSchemeActivity

android.intent.action.VIEW

Permissions

android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_SETTINGS
android.permission.REORDER_TASKS
android.permission.READ_LOGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.VIBRATE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECEIVE_USER_PRESENT
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_SETTINGS
android.permission.REORDER_TASKS
android.permission.READ_LOGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.VIBRATE
android.permission.CAMERA
android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Receivers

cn.eclicks.wzsearch.ui.tab_tools.TrafficControlWarnBroadCast

tools.trafficControl.warn.receiver
android.intent.action.ACTION_SHUTDOWN
android.intent.action.BOOT_COMPLETED
tools.trafficControl.query_violatioin

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
cn.eclicks.wzsearch.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

Services

cn.eclicks.wzsearch.service.QueryViolationService

cn.eclicks.wzsearch.intent.action.queryservice.start

com.umeng.message.UmengService

cn.eclicks.wzsearch.intent.action.START
cn.eclicks.wzsearch.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2

Android Permissions

381ae3c457c5630e95ba3ae0e0beea42_JaffaCakes118

Permissions

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SETTINGS

android.permission.REORDER_TASKS

android.permission.READ_LOGS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.VIBRATE

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.RECEIVE_USER_PRESENT

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.WRITE_SETTINGS

android.permission.REORDER_TASKS

android.permission.READ_LOGS

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.VIBRATE

android.permission.CAMERA

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

Sharing

General

Malware Config

Signatures

Files

cn.eclicks.wzsearch

cn.eclicks.wzsearch.ui.StartPageActivity

Activities

com.tencent.tauth.AuthActivity

cn.eclicks.wzsearch.ui.StartPageActivity

cn.eclicks.wzsearch.ui.CommonChelunSchemeActivity

Permissions

Receivers

cn.eclicks.wzsearch.ui.tab_tools.TrafficControlWarnBroadCast

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

Services

cn.eclicks.wzsearch.service.QueryViolationService

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

Android Permissions

381ae3c457c5630e95ba3ae0e0beea42_JaffaCakes118