5758cc443791abe6ad93d0b466cf5155ed947f54e5b2ff747a94a7a95032381d

Analysis

max time kernel
6s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
02-05-2024 00:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MoXiuLauncher_alone.apk
Size

5.1MB
MD5

fc0b35ac9f52a680ae190c34fb5d0535
SHA1

47070f7b7706a4a6d74fa9663f63f6290410730c
SHA256

c187625ced04eedd4bf3708e289af4c7ad62a6bbda7095eb8272cc79fec585ca
SHA512

7cc201a03cadf057e621e83cf0c0e5ad3cc6d53384c46ff890ad62fa24d987e7fe4941e5e515b838defafe32bab4c768824678dec57596472bdc719502f56172
SSDEEP

98304:oNZ1jLYnW3i7fW8VjXvEum7199wC84gj07Nk55yg3EtKmHGafX6I:mjAJvJm7199wCxgsN0vEtGafqI

Score

8^/10

banker discovery ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.moxiu.launcher

Changes the wallpaper (common with ransomware activity) 1 IoCs

ransomware

description	ioc	Process
Framework service call	android.app.IWallpaperManager.setWallpaper	com.moxiu.launcher

com.moxiu.launcher
1⤵
- Checks if the internet connection is available
- Changes the wallpaper (common with ransomware activity)
PID:4494

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/system/users/0/wallpaper_orig

Filesize
170KB

MD5
d8701d53e7e8f336711190f6e394153d

SHA1
e760635059713ebde0636353e55b25d44848c2d4

SHA256
5f057450da192b7b69b8e0085602ab10871af7884aa495b76e02bf3bca0bd3ec

SHA512
223555d535a95e5152dc967d45cfd7c7f1b21bc861836269945a3033f2e2798922b06989215796dd49037604f3b5bbf485877bb7c7b744834388ee2137166b5e

Download Submit
/data/user/0/com.moxiu.launcher/databases/launcher.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.moxiu.launcher/databases/launcher.db-journal

Filesize
512B

MD5
11587aab8c9897453ee9c7d093f25900

SHA1
08f260d0023c6c1d08a6e7bfb5c4a623ab9204f9

SHA256
ee5fd1a2417f9e5251788a6c38c28de319e5cc76c3d915b4a502edb290b76729

SHA512
0d48d646ba9b100e426d52352c64401f9b2e2d3a263ba6832563768e8434e5985d700e7dcc029c3792fe48bff2944cde52cc0be616baa1500c13ea435c2ac5d0

Download Submit
/data/user/0/com.moxiu.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
cac270e3e1b90bab50be36464977717c

SHA1
cce7be3d2406b152d22ac49173ff04d2ab3a0a8a

SHA256
493b7ca3c30b68aad883b8e796a19c60b6eba05ebfa9a69aa09868d44174784f

SHA512
dbab787aeb90bfd4a67c550dc1a2e0a60f6b00cfe9329facb8640c8168e60d1e6585c45c211655bcab49d08b0429a68d95fabb4fb4258ccc321ec27642e57527

Download Submit
/data/user/0/com.moxiu.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
86fd81ec274174e8c2ba248e8c64dc63

SHA1
d52b3b932738d8786a53ff135968d2d77847e775

SHA256
c10a70504eb1b233cf0393685214b3c4e9e84dde08f88ed00276f4570fbe4b7f

SHA512
073d0a001aea11436a7c570d4feb2e7b6d6bc370a9acb8aaf5492d2f0d168d747422536758992074a26b2fe031c0b5af876b4c1ed3e0513c0bb0d0d9197022b2

Download Submit
/data/user/0/com.moxiu.launcher/files/launcher.preferences

Filesize
15B

MD5
8045cecd3d5a4c893e3a75d47b17121e

SHA1
61f08d6c53ae857cfd4be1bf607a6c80e5e78b23

SHA256
9bd54ce2fe34faa03d173df22621b5c747e544ed354e521889b692c031ba99b3

SHA512
70d34c24ccb3f90cdf930f0e24d67441e2aafc5baa5ae95c5e288b788cf25df394254f9bf55d45a5893b78457873b6169b8868a4fd45364c2b485f90bd4c0099

Download Submit