Malware Analysis Report

2024-09-09 19:10

Sample ID 240508-whr1ysga7z
Target 2607d71f14a034162b27318a2f480fc8_JaffaCakes118
SHA256 934570325f0fc129b65eb89eda595d5dd1f055351c6485a96ea89fc9b8ea552d
Tags
discovery impact persistence privilege_escalation collection ransomware
score
7/10

Analysis Overview

score
7/10

SHA256

934570325f0fc129b65eb89eda595d5dd1f055351c6485a96ea89fc9b8ea552d

Threat Level: Shows suspicious behavior

The file 2607d71f14a034162b27318a2f480fc8_JaffaCakes118 was found to show suspicious behavior.

Malicious Activity Summary

discovery impact persistence privilege_escalation collection ransomware

Queries information about running processes on the device

Registers a broadcast receiver at runtime (usually for listening for system events)

Tries to add a device administrator.

Reads the content of the call log.

Queries information about the current Wi-Fi connection

Declares services with permission to bind to the system

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Declares broadcast receivers with permission to handle system events

Requests dangerous framework permissions

Changes the wallpaper (common with ransomware activity)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-05-08 17:55

Signatures

Declares broadcast receivers with permission to handle system events

Description Indicator Process Target
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN N/A N/A

Declares services with permission to bind to the system

Description Indicator Process Target
Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE N/A N/A
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to write and read the user's call log data. android.permission.WRITE_CALL_LOG N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x86-arm-20240506-en

Max time kernel

125s

Max time network

131s

Command Line

com.tencent.qlauncher.theme392

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.tencent.qlauncher.theme392

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 monitor.uu.qq.com udp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp

Files


Analysis: behavioral3

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x64-20240506-en

Max time kernel

143s

Max time network

167s

Command Line

com.tencent.qlauncher.theme392

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.tencent.qlauncher.theme392

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.202:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 monitor.uu.qq.com udp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
US 1.1.1.1:53 strategy.beacon.qq.com udp
HK 203.205.254.111:80 strategy.beacon.qq.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
GB 216.58.212.206:443 tcp
GB 216.58.204.66:443 tcp
GB 172.217.169.74:443 tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
HK 203.205.254.111:80 strategy.beacon.qq.com tcp
GB 142.250.187.206:443 android.apis.google.com tcp
HK 43.135.106.42:80 monitor.uu.qq.com tcp
US 1.1.1.1:53 strategy.beacon.qq.com udp
HK 203.205.254.111:80 strategy.beacon.qq.com tcp
HK 203.205.254.111:80 strategy.beacon.qq.com tcp
HK 203.205.254.111:80 strategy.beacon.qq.com tcp

Files


Analysis: behavioral6

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:55

Platform

android-x64-20240506-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:55

Platform

android-x64-arm64-20240506-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x64-20240506-en

Max time kernel

13s

Max time network

147s

Command Line

com.tencent.qlauncher.lite.onekeylock

Signatures

N/A

Processes

com.tencent.qlauncher.lite.onekeylock

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
GB 142.250.200.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 216.58.201.110:443 tcp
GB 216.58.212.194:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
GB 216.58.204.78:443 tcp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x64-arm64-20240506-en

Max time kernel

14s

Max time network

132s

Command Line

com.tencent.qlauncher.lite.onekeylock

Signatures

Tries to add a device administrator.

privilege_escalation impact
Description Indicator Process Target
Intent action android.app.action.ADD_DEVICE_ADMIN N/A N/A

Processes

com.tencent.qlauncher.lite.onekeylock

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x86-arm-20240506-en

Max time kernel

146s

Max time network

160s

Command Line

com.tencent.launcher

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads the content of the call log.

collection
Description Indicator Process Target
URI accessed for read content://call_log/calls N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Changes the wallpaper (common with ransomware activity)

ransomware
Description Indicator Process Target
Framework service call android.app.IWallpaperManager.setWallpaper N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.tencent.launcher

com.tencent.launcher:tcm_service

getprop ro.qrom.product.device

getprop ro.qrom.product.device

getprop ro.qrom.build.brand

com.tencent.launcher:plugin

com.tencent.launcher:tcm_service

sh

getprop ro.qrom.product.device

su -v

getprop ro.qrom.build.brand

getprop ro.qrom.build.version.snver

getprop ro.qrom.product.device

getprop ro.qrom.build.brand

getprop ro.qrom.build.version.snver

getprop ro.qrom.build.version.day

getprop ro.qrom.build.version.number

getprop ro.qrom.product.device

getprop ro.qrom.build.brand

getprop ro.qrom.build.version.snver

getprop ro.qrom.build.version.day

getprop ro.qrom.build.version.number

com.tencent.launcher:plugin

com.tencent.launcher:qubelitestat

/system/bin/sh -c type su

Network


Files


Analysis: behavioral4

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x64-arm64-20240506-en

Max time kernel

143s

Max time network

158s

Command Line

com.tencent.qlauncher.theme392

Signatures

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.tencent.qlauncher.theme392

Network


Files


Analysis: behavioral5

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:55

Platform

android-x86-arm-20240506-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-05-08 17:55

Reported

2024-05-08 17:58

Platform

android-x86-arm-20240506-en

Max time kernel

13s

Max time network

131s

Command Line

com.tencent.qlauncher.lite.onekeylock

Signatures

Tries to add a device administrator.

privilege_escalation impact
Description Indicator Process Target
Intent action android.app.action.ADD_DEVICE_ADMIN N/A N/A

Processes

com.tencent.qlauncher.lite.onekeylock

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp

Files

N/A