Analysis

  • max time kernel
    3s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    18-06-2024 16:10

General

  • Target

    bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk

  • Size

    1.2MB

  • MD5

    bcd264a82e545a2f8668ed4142feb05f

  • SHA1

    09c9189ff3f1121ea997693c43d13f6c74e2ed38

  • SHA256

    555ba3f7e9c78939a2a90a78f4d4e0734d60dcfd696480eb12f758d4f0e9a2f6

  • SHA512

    45be69a16b0d297d9888863e12b7fa8026b4fb3c6bfe52f8bd3f49fc0becfeefff415f83f03c2b4d1a5f7f465d175da48b1a60ade840a92d3ca83b38f87fdd2d

  • SSDEEP

    24576:wy/PQQZya1FTEpjH1NOm0Ax7F80wuWHFux:wkPP18LOm0K7FbWU

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.ayl.lifebk
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4485

Network

MITRE ATT&CK Mobile v15

Downloads