Analysis
max time kernel: 3s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 18-06-2024 16:10
Static task: static1
Behavioral task: behavioral1
Sample: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
General
Target: bcd264a82e545a2f8668ed4142feb05f_JaffaCakes118.apk
Size: 1.2MB
MD5: bcd264a82e545a2f8668ed4142feb05f
SHA1: 09c9189ff3f1121ea997693c43d13f6c74e2ed38
SHA256: 555ba3f7e9c78939a2a90a78f4d4e0734d60dcfd696480eb12f758d4f0e9a2f6
SHA512: 45be69a16b0d297d9888863e12b7fa8026b4fb3c6bfe52f8bd3f49fc0becfeefff415f83f03c2b4d1a5f7f465d175da48b1a60ade840a92d3ca83b38f87fdd2d
SSDEEP: 24576:wy/PQQZya1FTEpjH1NOm0Ax7F80wuWHFux:wkPP18LOm0K7FbWU
Malware Config
Signatures
Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
Processes: com.ayl.lifebk
ioc: /system/bin/su
process: com.ayl.lifebk

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.ayl.lifebk
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.ayl.lifebk

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.ayl.lifebk
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.ayl.lifebk

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: com.ayl.lifebk
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.ayl.lifebk