Analysis

  • max time kernel
    19s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240514-en locale:en-us os:android-10-x64 system
  • submitted
    03-06-2024 08:10

General

  • Target

    9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118.apk

  • Size

    11.9MB

  • MD5

    9111a9f43cd8eec64f827f2445a39b3b

  • SHA1

    b7132bbc28c45b8d5d8dd1d75269dfaf2ad926e6

  • SHA256

    cbd688dbe049aa0cf1c70179bc44a5dba0b7fb86c4cbf1d8805c1e4bed67aad2

  • SHA512

    ecf05d130e417e1d00cfa1b340d221d9364e66665e6a9733f2d8fd89105bfd20375d8507c839eebccae85801da04c2449dde34932ea5d4d186985e0b44ef76b9

  • SSDEEP

    196608:zRfvY6U7ITDJO7U19gOJrScrfqf1voD2BkBKNVfRj:ztZcKJfgerSifM1o6aBKNbj

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.lx.launcher
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5215

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db

    Filesize

    28KB

  • /data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

    Filesize

    512B

  • /data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/UmengLocalNotificationStore.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/anallLauncher.db

    Filesize

    20KB

  • /data/data/com.lx.launcher/databases/anallLauncher.db-journal

    Filesize

    512B

  • /data/data/com.lx.launcher/databases/anallLauncher.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/anallLauncher.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.lx.launcher/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    512B

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/cc/cc.db-journal

    Filesize

    12KB

  • /data/data/com.lx.launcher/databases/download_status.db

    Filesize

    20KB

  • /data/data/com.lx.launcher/databases/download_status.db-journal

    Filesize

    512B

  • /data/data/com.lx.launcher/databases/download_status.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/download_status.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db

    Filesize

    28KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    512B

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    4KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    8KB

  • /data/data/com.lx.launcher/databases/google_analytics_v4.db-journal

    Filesize

    12KB

  • /data/data/com.lx.launcher/files/.imprint

    Filesize

    981B

  • /data/data/com.lx.launcher/files/.umeng/exchangeIdentity.json

    Filesize

    162B

  • /data/data/com.lx.launcher/files/gaClientId

    Filesize

    36B

  • /data/data/com.lx.launcher/files/gaClientIdData

    Filesize

    32B

  • /data/data/com.lx.launcher/files/umeng_it.cache

    Filesize

    433B

  • /data/data/com.lx.launcher/files/umeng_it.cache

    Filesize

    220B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    65B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    408B
