43d08d76d6e42d8ee8631f347c5bd813_JaffaCakes118

General

Target

43d08d76d6e42d8ee8631f347c5bd813_JaffaCakes118
Size

16.3MB
MD5

43d08d76d6e42d8ee8631f347c5bd813
SHA1

d1ab3e17c48c32ed877d76f50e99682ff03257f2
SHA256

7b708ebad983142fd2f9e74a6ccca754ab5a170bbcd9502310a2bd866ebea77c
SHA512

d8aa1fac0580bd1ae75ed3686161ca758cf1cb6bfe5ecfcc052a86a3143abd22144bc1a44f087870a9bc7dfc23d1b58e99c70577641950f098dedc5760972d2d
SSDEEP

393216:pKqMUYQc7oRgzqB5tyuKscKtX5rXk5EuPn//NaG0SEo6WV:ZhYQcxzqBTlcaRk5EuPn/FiHof

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Files

43d08d76d6e42d8ee8631f347c5bd813_JaffaCakes118
.apk android arch:arm

com.iflytek.enterprise

com.iflytek.mea.vbgvideo.activity.WelComeActvitiy

Activities

com.iflytek.mea.vbgvideo.activity.WelComeActvitiy

android.intent.action.MAIN

com.iflytek.mea.vbgvideo.MainActivity

android.intent.action.VIEW

com.iflytek.mea.vbgvideo.activity.UserVideoDetailActivity

android.intent.action.VIEW

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_PHONE_STATE
android.permission.CAMERA
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.DISABLE_KEYGUARD
android.permission.MANAGE_DOCUMENTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_WIFI_STATE
android.permission.EXPAND_STATUS_BAR
baidu.push.permission.WRITE_PUSHINFOPROVIDER.com.iflytek.enterprise

Receivers

com.iflytek.mea.vbgvideo.receiver.NetWorkChangeReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.baidu.android.pushservice.PushServiceReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
com.baidu.android.pushservice.action.notification.SHOW
com.baidu.android.pushservice.action.media.CLICK
android.intent.action.MEDIA_MOUNTED
android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

com.baidu.android.pushservice.RegistrationReceiver

com.baidu.android.pushservice.action.METHOD
com.baidu.android.pushservice.action.BIND_SYNC
android.intent.action.PACKAGE_REMOVED

com.iflytek.mea.vbgvideo.receiver.VBGPushReceiver

com.baidu.android.pushservice.action.MESSAGE
com.baidu.android.pushservice.action.RECEIVE
com.baidu.android.pushservice.action.notification.CLICK

com.iflytek.mea.vbgvideo.receiver.WeiXinAPIRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

com.baidu.aiupdatesdk.receiver.BDBroadcastReceiver

com.baidu.aiupdatesdk.ACTION_AS_DOWNLOAD_COMPLETE
android.intent.action.PACKAGE_ADDED

Services

com.baidu.android.pushservice.PushService

com.baidu.android.pushservice.action.PUSH_SERVICE

Android Permissions

43d08d76d6e42d8ee8631f347c5bd813_JaffaCakes118

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.READ_PHONE_STATE

android.permission.CAMERA

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.ACCESS_DOWNLOAD_MANAGER

android.permission.DOWNLOAD_WITHOUT_NOTIFICATION

android.permission.DISABLE_KEYGUARD

android.permission.MANAGE_DOCUMENTS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_WIFI_STATE

android.permission.EXPAND_STATUS_BAR

baidu.push.permission.WRITE_PUSHINFOPROVIDER.com.iflytek.enterprise

Sharing

General

Malware Config

Signatures

Files

com.iflytek.enterprise

com.iflytek.mea.vbgvideo.activity.WelComeActvitiy

Activities

com.iflytek.mea.vbgvideo.activity.WelComeActvitiy

com.iflytek.mea.vbgvideo.MainActivity

com.iflytek.mea.vbgvideo.activity.UserVideoDetailActivity

com.tencent.tauth.AuthActivity

Permissions

Receivers

com.iflytek.mea.vbgvideo.receiver.NetWorkChangeReceiver

com.baidu.android.pushservice.PushServiceReceiver

com.baidu.android.pushservice.RegistrationReceiver

com.iflytek.mea.vbgvideo.receiver.VBGPushReceiver

com.iflytek.mea.vbgvideo.receiver.WeiXinAPIRegister

com.baidu.aiupdatesdk.receiver.BDBroadcastReceiver

Services

com.baidu.android.pushservice.PushService

Android Permissions

43d08d76d6e42d8ee8631f347c5bd813_JaffaCakes118