c412b1e0d4ae597e7a212ef5447d1990a46b9816d7a90d6ec7493160b1abd860

Analysis

max time kernel
2832719s
max time network
27s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
05-10-2022 15:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Fancy Launcher Live wallpaper.apk
Size

13.8MB
MD5

ff85205dd23b73ced624661171ef5c20
SHA1

a72dad57cdcb556d7d8fb044052132a2e3d6ff52
SHA256

c412b1e0d4ae597e7a212ef5447d1990a46b9816d7a90d6ec7493160b1abd860
SHA512

9b21e356b713fd320da8bc59f3250e48f415cd3e3cf8c5fcdb02aac44afab04a1dee4fd2fb25c0054e2bca8579b680d2b312d749023ba55a074323a26d902452
SSDEEP

393216:0uG/XwWgvnvNyN0o7MJlzKg38Kd3RZL3LHx0:NG/AWU1EM2g38G3RF3LR0

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.larvaneous.launcher

ioc	pid	process
Anonymous-DexFile@0xe5895000-0xe5898c94	4092	com.larvaneous.launcher
Anonymous-DexFile@0xe1e55000-0xe1e5a9b8	4092	com.larvaneous.launcher
Anonymous-DexFile@0xc35d0000-0xc3766614	4092	com.larvaneous.launcher

Reads information about phone network operator.
Changes the wallpaper (common with ransomware activity). 1 IoCs
ransomware

Processes:

com.larvaneous.launcher

description ioc process

Framework service call android.app.IWallpaperManager.setWallpaper com.larvaneous.launcher

description	ioc	process
Framework service call	android.app.IWallpaperManager.setWallpaper	com.larvaneous.launcher

com.larvaneous.launcher
1⤵
- Loads dropped Dex/Jar
- Changes the wallpaper (common with ransomware activity).
PID:4092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/system/users/0/wallpaper_orig
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.larvaneous.launcher/databases/home.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.larvaneous.launcher/databases/home.db-journal
Filesize
524B

MD5
0746f96a13ecd70e80288192676a96eb

SHA1
4cecffb2ae2f00faf685d72864c5cbb8ffc3da59

SHA256
447a05e9453df4fc1bb2dd4bc6a4486252059eb10220bfd39428fa536c33a094

SHA512
7eee8c9ce0e3cfcbb1528e4b7619e3534d66cb3a4831501dcbfdc85d605543549ca993e0f800d3d08fdfcdb8dc921b9a6479ef1a242b0d8c36514842fe0e3a11

Download Submit
/data/user/0/com.larvaneous.launcher/databases/home.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.larvaneous.launcher/databases/home.db-wal
Filesize
108KB

MD5
d4500f8f0451f8b011dc764e6e8ff918

SHA1
30806795eec833a2b33fb56a685cd2556764b2f7

SHA256
847bda64fbbc15ac375801dc2eb1c6504dc64a3959db49dc99a7506b2df68ded

SHA512
233a4e262cc8632822ae044d7e71cda19180fd393b93689f84cb9f72c733c2059c9ef58b3b3a2bec85c04f1eb29e52faa9bb1bed4ba6809a9c59a444718eea65

Download Submit
/data/user/0/com.larvaneous.launcher/files/WorldClockData
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
/data/user/0/com.larvaneous.launcher/files/addise
Filesize
2.2MB

MD5
9bff87817a31effa05a45b00848d7446

SHA1
628204a8401e1fd4dba40c59009fe1baa92193a7

SHA256
93e3c0631daf6864e92b532d69f3ae44b55b2c863747b1b0355ea8eff78b0beb

SHA512
437f272ce85078721f7758403c2322ec32d396ed9798c015ead8124a3bdd598e712bfe9bfebf4bc6c84d1a9725b392febed1f9a80680a2e97f22ed9f6882d6d4

Download Submit
/data/user/0/com.larvaneous.launcher/files/c++_shared
Filesize
4.2MB

MD5
1ba23d5c38793d81d3be5ba29728ea0d

SHA1
2fad0b497590f9ad0fd79fbd2e95aa76f9fdf4c2

SHA256
e9d9215946681f9cad6c24fefae66352f38ebb6a5d7074d3d88bdabd5b02bb98

SHA512
1d73124e2616731c633985305a0ed95f1a092481b45907cbabc3deaf927a739e3d4e3ffd89d8f6b43c4d3bd168f2d2ed7b931e4b155cc7f93ed7b95c0809d640

Download Submit
/data/user/0/com.larvaneous.launcher/files/disfnut
Filesize
1.6MB

MD5
79bf8097b952c7a3dd60a536c909fcb2

SHA1
de78dfb7d5e04f55a40232d8c2910fcc9759f3fc

SHA256
a214135535fc463e90efb795a7e38e5d471af27851f9a735643711c2a788a792

SHA512
29fde89427a5b696163e78bf022b08940afca895c32e571503a2fae268d8eb28db6b047d908b4d04891ce5eac6718f07411fa3a3797edc9f9f79af61bcdcd460

Download Submit
/data/user/0/com.larvaneous.launcher/files/lsplant
Filesize
126KB

MD5
f9cfb7996ce0c6cf7a8fd5d064a709bb

SHA1
53e02890ca6fb2c1cc1c94ff437ed038446a9df2

SHA256
c46e178c4a2a5817559f4b97cda29c21d159c332e998bb79b44bc2b805bae1d4

SHA512
4655d58e2c1eada4b24e0506e8bc8488be20c7682d1f472456ee7906781881f8e04f946c2c182554d12d0c5675d8e1a34f05424998f5d51a0b1c543197c8f6de

Download Submit
/data/user/0/com.larvaneous.launcher/files/m_m2
Filesize
614KB

MD5
37c06e11dc05d967d83a002b83ce5810

SHA1
a5c45e12b22324ff4f864b3f2ecd7b4ef129f55a

SHA256
5042208fa962525962aa69152918bc37a0d00aad2e793a11d422567dbeb34535

SHA512
8dc9cf75aa94041957e2bb9e230a1ddfbf4d1dd3508116207a6712e361a43552beb7acac8ea87c80ba4c235c3c49b60ad965a4d83536b07c9a5d31d027d58a41

Download Submit
/data/user/0/com.larvaneous.launcher/files/sjkkcue
Filesize
22KB

MD5
939bcd29e715cc3423b374e92b1443dc

SHA1
aa11ec16f13a1ba96f9ea7b66b0597618e63d04a

SHA256
0ba08bd99dade139cc3d370d7a41db51659fc288d47c43ad618dae7687c02af7

SHA512
bb199078cf04124a9e683027905919b3c40251ce490842cd8078f1a9679693c09885c77910805dc28d7ae456a9bf4435ac9e299924fafef1f556aba2e5523af7

Download Submit
/data/user/0/com.larvaneous.launcher/files/wallpaper.jpg
Filesize
16KB

MD5
3b0fb20039eaf8c6b403f98cc7f94963

SHA1
0f3791b6fa7c10e20ea19bf3ff28d7216b749a6f

SHA256
5c22b3e0466885453932a713a168f30908c8d8dcd8202cb6f495af23f35a20f7

SHA512
35781437a998e27712278d5c228f7d7146a4c788add391eb3370bcfd798e85632a71c0224f435b7afca332a45cceb38e745866126e8c9c0c7e61184dc12c92b3

Download Submit
/data/user/0/com.larvaneous.launcher/shared_prefs/docustandardose.xml
Filesize
142B

MD5
581a956807d5593276b78dcd26de1357

SHA1
d38cb16ebb3197e23700d7c6d8d1d0c92242d723

SHA256
80f0ed1f38e220e2dc67bc62619b2751352d7aad2eef75e95c0c73de5caf1354

SHA512
588b4adeb641f19df7089ddf136201220312e10d261624455b4191cd6ff4b3ddf794f1812adb94f1eff4d9cd6c0ea7320a799595fbeb837ec57d1337f296d44b

Download Submit
Anonymous-DexFile@0xc35d0000-0xc3766614
Filesize
1.6MB

MD5
79bf8097b952c7a3dd60a536c909fcb2

SHA1
de78dfb7d5e04f55a40232d8c2910fcc9759f3fc

SHA256
a214135535fc463e90efb795a7e38e5d471af27851f9a735643711c2a788a792

SHA512
29fde89427a5b696163e78bf022b08940afca895c32e571503a2fae268d8eb28db6b047d908b4d04891ce5eac6718f07411fa3a3797edc9f9f79af61bcdcd460

Download Submit
Anonymous-DexFile@0xe1e55000-0xe1e5a9b8
Filesize
22KB

MD5
939bcd29e715cc3423b374e92b1443dc

SHA1
aa11ec16f13a1ba96f9ea7b66b0597618e63d04a

SHA256
0ba08bd99dade139cc3d370d7a41db51659fc288d47c43ad618dae7687c02af7

SHA512
bb199078cf04124a9e683027905919b3c40251ce490842cd8078f1a9679693c09885c77910805dc28d7ae456a9bf4435ac9e299924fafef1f556aba2e5523af7

Download Submit
Anonymous-DexFile@0xe5895000-0xe5898c94
Filesize
15KB

MD5
49a41da53e8d3428d634ade48c4177dd

SHA1
e66a455b47ec820e8c30172a049059b8ae4a6124

SHA256
8a3821b76bcb56294c41b3d81ac9082404147b286e87c3f6f741a8ebf8aaabf6

SHA512
afffbc93c58fedee82673262619145b96a64fb0f9ff41bce70c711143a515a53cc30561b7aa42d7ed9475efc163290209a31f9df6d34deff5c8cd639a7cc0fdf

Download Submit