139381f22ada14b9b0789052e97e89bca58b31306b8471035802406577755a4e

Analysis

max time kernel
2880679s
max time network
169s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23-12-2023 12:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

139381f22ada14b9b0789052e97e89bca58b31306b8471035802406577755a4e.apk
Size

5.9MB
MD5

ac40832b696bcd51adc17ace058841dd
SHA1

fc1ecacbce2fb3efec243f8a46bc8c46c4360fe8
SHA256

139381f22ada14b9b0789052e97e89bca58b31306b8471035802406577755a4e
SHA512

e399c2c6aaa8bd1d2df6f8d65db650d3efe3b80c64731238435d5b13bf43a301542c8d565a5be7b66a82add473329af400b725a17541e4f9e692a63da352aa10
SSDEEP

98304:9VNSsEZZFzSmACadE2hYw4xQRlqH0w/2MZRjcCHb+mhDg+jXj7GVpJrUI:fEZZFWTXHYwtD/Y/Lw6am9g+jXjaVpJN

Score

6^/10

evasion ransomware

Malware Config

Signatures

Reads information about phone network operator.

Changes the wallpaper (common with ransomware activity). 1 IoCs

ransomware

description	ioc	Process
Framework service call	android.app.IWallpaperManager.setWallpaper	com.microsoft.launcher

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.microsoft.launcher

com.microsoft.launcher
1⤵
- Changes the wallpaper (common with ransomware activity).
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4611

com.microsoft.launcher:Capptain
1⤵
PID:4685

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/system/users/0/wallpaper_orig

Filesize
42KB

MD5
d6dae202a72905c1db6e97d8ac87530b

SHA1
cfaac8e1c60af9a339f321b764e5d622a9c9dc74

SHA256
6574af6e6c7155c1edb2a2359209edc3fe56175cce09e0f5b8a1094b3720247a

SHA512
3458238b0b147f7b984e998c9574bd279cf0249f352cc5c8840d16f04d2481b114cd58d8fe4477e9d162b2670dd94d17bd284fb931416373211c2b86024bf3d3

Download Submit
/data/user/0/com.microsoft.launcher/databases/capptain.channel.com.microsoft.launcher.db

Filesize
48KB

MD5
fc6885cfed7ec894b584c16e26f06d0f

SHA1
67fc50c9930b10b7bda7193e17c9f49ae9378840

SHA256
7a118b3445324bcf0a0d45f1957b68a5a6457c10a8bf83c7cdd538d2c4053bf6

SHA512
bb01b07400ccdbffb535b47e8d8d00fcdaad3e80f7fa20ac280ab57ac064be418c2785047ae81ad5716d34eead62a7a75b7b0edd9683505a355321410ff75dfb

Download Submit
/data/user/0/com.microsoft.launcher/databases/capptain.channel.com.microsoft.launcher.db-journal

Filesize
8KB

MD5
09c479b3d84e4120f64f4730f4060c56

SHA1
4b161a46d385019cb25ea0f632fd3e0a201c65a0

SHA256
73c948dbe615ffb6e7b26166bec2768ad82c1a1de6e89ee9016e3ec1a872cfcf

SHA512
46faab2235b9623067cd912e6c013ac3c19b1844b5d7ca153fde4afc2c2425a39f3cfffa4fd27c8e05bbc24526a32fb1797d52c638a9e4c4724edb1a12b7b32b

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db

Filesize
12KB

MD5
f41f531c07d4141546a531ff9caffdcd

SHA1
9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5

SHA256
bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646

SHA512
e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
c68afd9d28e3a131808514620fe0a2bc

SHA1
3d649385275f03e6fa007550fd9a2be5fd3b7bdd

SHA256
5fd0724cd0531698be933a2030b2f59c5f6ba73916560cd3ff760ab424d4022b

SHA512
5edc300d3ad46889b1f4c4c99b391bb2f075c9625796a8a3b59474039be60aa944998ac2e57b237e079e647b07cce6ebe15c6b97c01b7e8beac13560cb8fe5c6

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
12KB

MD5
8bfcb58ce1ca45ae1a1c1897570df5d4

SHA1
b3f077c7d6eb43d8089190dbcf10fae2a689ed0c

SHA256
9e9941108923a142fa913147dc127c79d7759191ce643a08805010289f585437

SHA512
c705e78d33a81b02cd2f8ecb123558d9fda19af5c59391a3dfdccd2f44e3f096297228d2743d00850b385b567e7903f0e9c73a8633e73403f97dab121b3ffcf1

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
776d17ecd17ed6fb59f02cf582163e37

SHA1
f262bf906d1d3ebed78138c448b0685a913ea886

SHA256
47693ca86a0618ac3c2a74255126a6d1e521d85fb55ecccc0e5929093f731ee3

SHA512
f521c859ce271b084e18e21cab56efb75a62bffa2b91b632f5a865d6b0da7ca3a75c57e22133c4782fac297c4ed7a1dccba3423cbadb910a3183300293b806d1

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
512B

MD5
f99be4b2d0c7e2d24ae43b89f5f55088

SHA1
aacd6bf63477599ca158580d579de5e00b50a2c0

SHA256
85c5a1e88f0c6aea3e7580a73a2c874da479e5a767d6bc0d3e9e2860d87a9848

SHA512
978c27a36dbdbae7993c8e03c9874ad3818bd7586ca65fa0ed876437d7067e998175eb5e6055a9ff91098950b6c227532651f251e53001e04b4136b38963383a

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
f16c2cf04ae98fe6922df3b836ac367f

SHA1
ca5560fe45f87ebd727d4b3c57bd858bc95d45bf

SHA256
49fcc3be3e9c4c894c2bac13cd4a5b69feaa121b4238f0bc08666b28b8eadf29

SHA512
61136de7f113f9b7477929f0d4a17ed70ce92cb75b93e7130b059f3a9b36286d4a888ccadd52c7b722cd0e10313c62602f480963491914617f68f4a9c169887c

Download Submit
/data/user/0/com.microsoft.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
c02cf832bec02ac91496bb0408d4113f

SHA1
25acf14957b836b0fa96d89840ef049f47b5ba95

SHA256
2bff7f999fe89286524f24c45c64fbf188fbebc078830c9c6ff785e931816799

SHA512
419c8659868d8e6c70e9fabfe556f891efde27573a8d21fa4057b226d8de3d78917038287a280cde8dec43a270eb0511c8f628f64054ba51744d173a8540b072

Download Submit
/data/user/0/com.microsoft.launcher/databases/mixpanel

Filesize
28KB

MD5
3ebd5426ebdcd88bb5acb9eca20fba37

SHA1
b630be0325b53bafe7a5fd0ec430fefdd929b498

SHA256
0be0d785f14286134082dd4a03fefea2ebd773720bf61f3efd4b439f81abe7c9

SHA512
14c3fe6ee4c1c097afa8e1381ebb69ebf0da2ea3c6f5288d0978399a92fc096aae5df2f609fb16696507f7055b6d7068a53f03079e7d3a8ba6a2bd667b7ee7b1

Download Submit
/data/user/0/com.microsoft.launcher/databases/mixpanel-journal

Filesize
512B

MD5
52639df121ad7b9ad002eeab270b04e3

SHA1
c8f47e0967e877913aa714349adbd5c840707997

SHA256
eb19a10d984cbe59028b7f61d1491ecbd556c0de63cc415d30066c81abb4091b

SHA512
352ada02d5a43da32d455d53b060db523eff56c4461029120e3be8c96bd7f3832e97d22929e5dc926b8fb74dfe9fe2472da663ce4bd045fb5a0c8cf7c8540294

Download Submit
/data/user/0/com.microsoft.launcher/databases/mixpanel-journal

Filesize
8KB

MD5
925a525b969dcb1114f8f54f49aa44d3

SHA1
987fd58b7c80e8f3987ad63669ef46361e2543b0

SHA256
bb4f929f94a1e490e9885ed15a8eabb3ae6d63323b1b5e960a28ff5fe3b56c41

SHA512
d61e9600b9622225ca66ba4dc69f5c5cac2ef829d16ec737dfcf2372a3203b93cde1d5dca97f25b4df6c15ef6656e6b66774e567d4606fed2ecb7bef15f0fb1b

Download Submit
/data/user/0/com.microsoft.launcher/databases/mixpanel-journal

Filesize
8KB

MD5
e263b3fc6cf3d59d211b8582e0f2f75e

SHA1
4a578e7e55f28e93aa69d2e2ebcaa38e33b2f955

SHA256
5ee0bf41c3fb98e45ccabae8b129a1e34e60d9c25f5a0c3bf78e1d2401e261b3

SHA512
f6495f192f2ecf0d9d38283c52ef75b02838b0316e3c165ee3fb1447b2f6de63ca70e7de02f62e922cf791e24108ce448a0c01fbb75877aea34c2678e4b27647

Download Submit
/data/user/0/com.microsoft.launcher/files/configuration.json

Filesize
1KB

MD5
59e4e0a97e52ac33616795eca3a285ac

SHA1
b31813f2ed0ae8ed6847511033f90a56991ed1c4

SHA256
5e4327fc7881c3ec8b36a95684999bb7f2f3acab532b1d8252e84fa16c77e25d

SHA512
31d3e59d4ff51a4861aa30e7ba34344a1740b231b6eb1602495a08a23e0a3d22c7e70f5a2a63ab480f68a3429fa6e80d2fad1bd114c00b00707c34f93130e604

Download Submit
/data/user/0/com.microsoft.launcher/files/me/loop/applications/Applications.bin

Filesize
9KB

MD5
4e9b2c403d704c6ddd674698c65e1565

SHA1
e68b792aa2f685ebb5d78fe0a25a3cd9ab74b012

SHA256
49bb503f480c3bf07374e7a4cb1540ac964c970217ef467de251dcf845e1b520

SHA512
320023a50641e542eb8c70db1f85fad7af920f4ba984a0b38c52990b20df02d0fe0b193846863f7887377f2a465efd77cf772036a03542d402ec10fbd9ceaa96

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads