56b1a7404c249a0574b4e025b61702ef_JaffaCakes118

General

Target

56b1a7404c249a0574b4e025b61702ef_JaffaCakes118
Size

5.6MB
MD5

56b1a7404c249a0574b4e025b61702ef
SHA1

692116a881fa60740fc805c06a9b2235a57ac39c
SHA256

26b33a29dec3cb2a815d05668962caf2a01a30107985fa001058889637c10fc6
SHA512

d30f9dc0b4177dbdd6a8eb3b370c8cd8244eec479b1bbb16aa3e420723205cceafcc008cecbc99d49f0466a2738f4174346b6a6a410e81079fd1e3f423b7f7b0
SSDEEP

98304:i7iHT1nVYM3Lv1qsvWMit9Qu4QTDfjeye2rjr7r2qrmrVvrk92YDXqRREi:iEHdL1qsvWnMu4QTjyGPviqqxLYDanEi

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 5 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

56b1a7404c249a0574b4e025b61702ef_JaffaCakes118
.apk android

com.hp.mit.atmobile.kfc

com.yum.kfcmos3.SplashAct

Activities

com.yum.kfcmos3.SplashAct

android.intent.action.MAIN
com.android.launcher.action.INSTALL_SHORTCUT
android.intent.action.VIEW

com.hp.smartmobile.ui.WeiboShareAct

com.sina.weibo.sdk.action.ACTION_SDK_REQ_ACTIVITY

.wxapi.WXEntryActivity

android.intent.action.VIEW

Permissions

android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.SYSTEM_ALERT_WINDOW
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher.permission.READ_SETTINGS
android.permission.VIBRATE

Receivers

com.hp.smartmobile.push.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

com.yum.kfcmos3.push.Mos3PushReceiver

com.hp.mit.atmobile.kfc.INTENT_ACTION_PUSH_NOTI
com.hp.mit.atmobile.kfc.INTENT_ACTION_PUSH_ORDER_NOTI

com.yum.mos.atmobile.wxpay.WXRegister

com.tencent.mm.plugin.openapi.Intent.ACTION_REFRESH_WXAPP

Services
alipay_plugin_msp.apk
.apk android arch:arm

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

android.intent.action.MAIN

.activity.Alerter

android.intent.action.MAIN

.activity.Welcome

android.intent.action.MAIN

.activity.Updater

android.intent.action.MAIN

.activity.PageForBrowser

android.intent.action.VIEW

.activity.CertBiz

android.intent.action.MAIN

.activity.MessageActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.SEND_SMS
com.aliyun.xiaoyunmi.alipay

Receivers

.AlixReceiver

com.aliyun.xiaoyunmi.alipay_exit

Services

.AlixService

com.alipay.android.app.IAlixPay
com.alipay.android.app.IAliPay

Android Permissions

56b1a7404c249a0574b4e025b61702ef_JaffaCakes118

Permissions

android.permission.WAKE_LOCK

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.READ_PHONE_STATE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.SYSTEM_ALERT_WINDOW

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher.permission.READ_SETTINGS

android.permission.VIBRATE

Sharing

General

Malware Config

Signatures

Files

com.hp.mit.atmobile.kfc

com.yum.kfcmos3.SplashAct

Activities

com.yum.kfcmos3.SplashAct

com.hp.smartmobile.ui.WeiboShareAct

.wxapi.WXEntryActivity

Permissions

Receivers

com.hp.smartmobile.push.BootBroadcastReceiver

com.yum.kfcmos3.push.Mos3PushReceiver

com.yum.mos.atmobile.wxpay.WXRegister

Services

com.alipay.android.app

.activity.Cashier

Activities

.activity.Cashier

.activity.Alerter

.activity.Welcome

.activity.Updater

.activity.PageForBrowser

.activity.CertBiz

.activity.MessageActivity

Permissions

Receivers

.AlixReceiver

Services

.AlixService

Android Permissions

56b1a7404c249a0574b4e025b61702ef_JaffaCakes118