Overview

overview

7

Static

static

6

6c7913f194...18.apk

android-9-x86

7

6c7913f194...18.apk

android-10-x64

7

6c7913f194...18.apk

android-11-x64

7

Analysis

  • max time kernel
    49s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    23-05-2024 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c7913f1940204a08daef5dc7ba09447_JaffaCakes118.apk

  • Size

    6.7MB

  • MD5

    6c7913f1940204a08daef5dc7ba09447

  • SHA1

    f1f3d6325ee5a2299daa3f6aa946632496f46876

  • SHA256

    caa1fdd052ba6cacb4fe8acf161f8bf2ec0a7d5848f5c40950a7697722cdb4c5

  • SHA512

    6f003e85b841f3644d96c2fc4cb4a511daedbdc85c1ee54b8f67c259e7f7b9144205431f60fc3b556f4059f5de6f0b39bb1e7c345a8ff514ac75a30e2ea5c325

  • SSDEEP

    98304:CK63Z9vqoz8UHdksRwN70rCh0quLw+CJqhUUICMt6bMib1e+uJQ0C:CKKZ9v1HOsaIrwQHsqhUUgkVb1IHC

Score
7/10
collectiondiscoveryevasionpersistenceransomware

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

    collection
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Reads the content of the call log. 1 TTPs 1 IoCs
    collection
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Changes the wallpaper (common with ransomware activity) 1 IoCs
    ransomware

Processes

  • home.solo.launcher.free
    1⤵
    • Checks CPU information
    • Queries account information for other applications stored on the device
    • Queries information about the current Wi-Fi connection
    • Reads the content of the call log.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Changes the wallpaper (common with ransomware activity)
    PID:5147

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/home.solo.launcher.free/databases/soloLauncher.db
    Filesize

    44KB

    MD5

    f436ff01c4f79743127974584e3b3d8f

    SHA1

    38181b87ea02fbd36c00055ff03dd887041849c6

    SHA256

    b04385cfcef9256d0f04de4bfeeda732bd27720c59d8cef0b8fb7715c4e824f7

    SHA512

    0f22fc8e1050ef83bbf292bb4febb48d9dd08948390aa741a2d323d7f65ccb9889646b0110f99edeba63e69803b3a1c76bf8efaac36ee8f941d460fed2e0f6c8

    Download Submit
  • /data/data/home.solo.launcher.free/databases/soloLauncher.db-journal
    Filesize

    512B

    MD5

    29ef303c0a18b79799a38d99a8879776

    SHA1

    57d2688a4eb0bf8a4344993521c9bb25ce3286ef

    SHA256

    8b07b39edaad164837498553803909cec69e55cdff9dafe88cf653362f7ab637

    SHA512

    e91477396433eadcf9cbd867a9d1847eec14325ac536af5749029524cb706a3c596f2a3452c3274c3321b0c91b7955039b559d7c2b70e6e96259ffc21a6b80f7

    Download Submit
  • /data/data/home.solo.launcher.free/databases/soloLauncher.db-journal
    Filesize

    8KB

    MD5

    333189970c667d693702f023aa73dfcb

    SHA1

    bbd3451d421cc0ef81c124541cda94c88bb35dca

    SHA256

    5ff24566a471862f7ebb258612c4d5724916e93ff2436819288ca5d8699a4414

    SHA512

    b60fcabe15ecfa380be9a623d86fbfb9f3964bff1188dc3d51e07b78adba8830223806db004f45c2dc416b3fb466a711553b646a93bf0b7a888572f1f647996d

    Download Submit
  • /data/data/home.solo.launcher.free/databases/soloLauncher.db-journal
    Filesize

    8KB

    MD5

    dacf3ce559bd93989550b3c0eafdab43

    SHA1

    4540e1be089a27214bfa358990ff36deac39278e

    SHA256

    dfdcb82cf2e65604f3f472ef99146c56f31a5ad7b8c6b1c730a47a913b9d779f

    SHA512

    86cb423f38d6e3eb45340c4a127e07774036f3b42ce464329f4740478ba19e801f225c76ad96d8ec4a42a2b3eb99e64be7a7e242f6cf5e43964f98d741d7d67a

    Download Submit
  • /data/data/home.solo.launcher.free/files/gaClientId
    Filesize

    36B

    MD5

    e8bbe605685ad829e3951d8b8c477be4

    SHA1

    663bf9e1f4f98bc49dd79af966efc748b9eeff1f

    SHA256

    bc207364e8e4cddd0454defc17fd751097d8ca3d958f571e4e8a5e0784136b97

    SHA512

    334b7ae51baafe8d2c5cb135b386cb66a064bdfa8fa91519da803d77bea7bce9bff396258e0d04a9753260376631d184586118bcf28ac08b687cff695df03f23

    Download Submit
  • /data/data/home.solo.launcher.free/files/launcher.preferences
    Filesize

    15B

    MD5

    8045cecd3d5a4c893e3a75d47b17121e

    SHA1

    61f08d6c53ae857cfd4be1bf607a6c80e5e78b23

    SHA256

    9bd54ce2fe34faa03d173df22621b5c747e544ed354e521889b692c031ba99b3

    SHA512

    70d34c24ccb3f90cdf930f0e24d67441e2aafc5baa5ae95c5e288b788cf25df394254f9bf55d45a5893b78457873b6169b8868a4fd45364c2b485f90bd4c0099

    Download Submit
  • /data/data/home.solo.launcher.free/files/mobclick_agent_cached_home.solo.launcher.free
    Filesize

    121B

    MD5

    3a1f05d251b2bb6463687f68f4a13ce5

    SHA1

    d341e2ca657b8b567e87f94fff9ff6858cceb140

    SHA256

    7db3c66ad3f4344e71157e1e20fb2fee20f377e324459c119075f0062292babc

    SHA512

    2b7b55d4a36e86c74731d243dbcbc9060452f6a51b172024806f0fb06af9700ee5fd26202ea1fe621a3309fdec6e567dd36b651c421f8e11944dcaf0800b7da7

    Download Submit
  • /data/system/users/0/wallpaper_orig
    Filesize

    278KB

    MD5

    dea583808b935ef42b66c48d0101bd0d

    SHA1

    dc3765aac996f4d7e7135e72a002271208e61635

    SHA256

    71dde9f3a7aad21d4b4876f7d044eaa7b6db245238cf8e6dc86794f27001fe77

    SHA512

    686e1bdc3fc663e43ee378da5e3e9fe077f7649e78d3b83b29ec954db40b9cbc4ddbf48244b825a7a05be307d34f3cc13a141eeae9edce9339d019a3c0b3c5e5

    Download Submit
  • /storage/emulated/0/SoloLauncher/share.jpg
    Filesize

    70KB

    MD5

    1ca1ea11af21cbfba2e970355802f4b6

    SHA1

    eac864afa61b8699f729b37c34698727392346c4

    SHA256

    42c3235ee003ad9bf44067b2641565af384e34415a61a3e7caa7a6db0f82cea0

    SHA512

    d68b2e129ab2c5e1933469bbe7126cf3005c98a3ebd30378284148d7a6377e38b8457db1ff082c3cb523158c18f09402341130de9d399ff7df75451f12d6d1d7

    Download Submit