Analysis
- max time kernel: 173s
- max time network: 184s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 18-06-2024 16:10
Static task: static1
Behavioral task: behavioral1
- Sample: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
- Resource: android-x64-20240611.1-en
General
- Target: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
- Size: 1.2MB
- MD5: bcd264a82e545a2f8668ed4142feb05f
- SHA1: 09c9189ff3f1121ea997693c43d13f6c74e2ed38
- SHA256: 555ba3f7e9c78939a2a90a78f4d4e0734d60dcfd696480eb12f758d4f0e9a2f6
- SHA512: 45be69a16b0d297d9888863e12b7fa8026b4fb3c6bfe52f8bd3f49fc0becfeefff415f83f03c2b4d1a5f7f465d175da48b1a60ade840a92d3ca83b38f87fdd2d
- SSDEEP: 24576:wy/PQQZya1FTEpjH1NOm0Ax7F80wuWHFux:wkPP18LOm0K7FbWU
Malware Config
Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes: com.ayl.lifebk
- ioc: /system/bin/su; process: com.ayl.lifebk
- ioc: /system/xbin/su; process: com.ayl.lifebk

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: com.ayl.lifebk

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs

Queries information about active data network 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.ayl.lifebk

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.ayl.lifebk

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: com.ayl.lifebk

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.ayl.lifebk

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.ayl.lifebk

Checks CPU information 2 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: File opened for read; ioc: /proc/cpuinfo; process: com.ayl.lifebk

Checks memory information 2 TTPs 1 IoCs
Processes: com.ayl.lifebk
- description: File opened for read; ioc: /proc/meminfo; process: com.ayl.lifebk

Processes
com.ayl.lifebk (PID: 5031)
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
/storage/emulated/0/Android/data/.youmicache/.CCA9582BC81E888EA674F157E5540CF8/Sw2Md3B4xR5gT1h-journal