Analysis
- max time kernel: 173s
- max time network: 185s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 18-06-2024 16:10
Static task
static1
Behavioral task
behavioral1
Sample
bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
General
-
Target
bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
-
Size
1.2MB
-
MD5
bcd264a82e545a2f8668ed4142feb05f
-
SHA1
09c9189ff3f1121ea997693c43d13f6c74e2ed38
-
SHA256
555ba3f7e9c78939a2a90a78f4d4e0734d60dcfd696480eb12f758d4f0e9a2f6
-
SHA512
45be69a16b0d297d9888863e12b7fa8026b4fb3c6bfe52f8bd3f49fc0becfeefff415f83f03c2b4d1a5f7f465d175da48b1a60ade840a92d3ca83b38f87fdd2d
-
SSDEEP
24576:wy/PQQZya1FTEpjH1NOm0Ax7F80wuWHFux:wkPP18LOm0K7FbWU
Malware Config
Signatures
Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes: com.ayl.lifebk
- ioc: /system/bin/su; process: com.ayl.lifebk
- ioc: /system/xbin/su; process: com.ayl.lifebk

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs

Queries information about active data network 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.ayl.lifebk

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.ayl.lifebk

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: com.ayl.lifebk

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.ayl.lifebk

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.ayl.lifebk

Checks CPU information 2 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: File opened for read; ioc: /proc/cpuinfo; process: com.ayl.lifebk

Checks memory information 2 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: File opened for read; ioc: /proc/meminfo; process: com.ayl.lifebk
Processes
com.ayl.lifebk (PID: 4210)
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
/storage/emulated/0/Android/data/.youmicache/.CCA9582BC81E888EA674F157E5540CF8/Sw2Md3B4xR5gT1h-journal
- Filesize: 512B
- MD5: 64006117683fd7d9f628cb8f54bca4db
- SHA1: 519a8791998c40e7518c9c69a8c3a17c95155f33
- SHA256: 0abb20d1827fe21eb5a695a14b79e96cf735f22e8cd5e81fd74ab1f631c394eb
- SHA512: cff394810b5ded4d189d432a441d620e2fe3562bf543480336d3069582f7a7bdb4dcc5b74d7c1510c06ffb67e37f772a0e22041815698a000eedea315d1fca06