Analysis

  • max time kernel
    47s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240603-en locale:en-us os:android-9-x86 system
  • submitted
    04-06-2024 01:05

General

  • Target

    Projectivy Launcher_4.24_Apkpure.apk

  • Size

    7.4MB

  • MD5

    d1059c732fa38ef45654c31d9cb55bc1

  • SHA1

    7ffd616f00aa96e1285f2c9de5f4bcb75e9ceff0

  • SHA256

    3b5f88556f295dd725d74a9e322e31545436cb5ba6d39c2e75d289462c63d125

  • SHA512

    f583351458f7688f71a73144c05c383db03bb324c77df3b742df5461ee4974b4f1a6869569897c50eadc2227288b513dd931f301f36fd3ace1c3bf5bf2357842

  • SSDEEP

    98304:JPfTtT9UH/U1oHN562aoGMpOOCxpPc/ZDc7shvbSA+ORKSTCdi0rmm8x+Pv:lTx9UH/WeXaeCxpPcDw8+ORKsW8x+X

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information that indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • com.spocky.projengmenu
    • Checks if the Android device is rooted.
    • Checks memory information
    • Queries information about running processes on the device
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4276

Downloads

  • /data/data/com.spocky.projengmenu/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.spocky.projengmenu/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.spocky.projengmenu/databases/com.google.android.datatransport.events-shm

    Filesize

    32KB

  • /data/data/com.spocky.projengmenu/databases/com.google.android.datatransport.events-wal

    Filesize

    120KB

  • /data/data/com.spocky.projengmenu/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.spocky.projengmenu/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.spocky.projengmenu/databases/google_app_measurement_local.db-wal

    Filesize

    36KB

  • /data/data/com.spocky.projengmenu/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/com.crashlytics.settings.json

    Filesize

    718B

  • /data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/report

    Filesize

    737B

  • /data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/userlog

    Filesize

    252B

  • /data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/userlog.tmp

    Filesize

    16B

  • /data/data/com.spocky.projengmenu/files/PersistedInstallation2661004220398098158tmp

    Filesize

    90B

  • /data/data/com.spocky.projengmenu/files/PersistedInstallation7665807353998514788tmp

    Filesize

    561B

  • /data/data/com.spocky.projengmenu/files/profileInstalled

    Filesize

    24B

  • /data/data/com.spocky.projengmenu/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.spocky.projengmenu/primary.prof

    Filesize

    8KB

  • /data/misc/profiles/cur/0/com.spocky.projengmenu/primary.prof

    Filesize

    13KB
