Analysis
max time kernel: 47s
max time network: 156s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 04-06-2024 01:05
Static task: static1
Behavioral task: behavioral1
Sample: Projectivy Launcher_4.24_Apkpure.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
Sample: Projectivy Launcher_4.24_Apkpure.apk
Resource: android-33-x64-arm64-20240603-en
General
-
Target
Projectivy Launcher_4.24_Apkpure.apk
-
Size
7.4MB
-
MD5
d1059c732fa38ef45654c31d9cb55bc1
-
SHA1
7ffd616f00aa96e1285f2c9de5f4bcb75e9ceff0
-
SHA256
3b5f88556f295dd725d74a9e322e31545436cb5ba6d39c2e75d289462c63d125
-
SHA512
f583351458f7688f71a73144c05c383db03bb324c77df3b742df5461ee4974b4f1a6869569897c50eadc2227288b513dd931f301f36fd3ace1c3bf5bf2357842
-
SSDEEP
98304:JPfTtT9UH/U1oHN562aoGMpOOCxpPc/ZDc7shvbSA+ORKSTCdi0rmm8x+Pv:lTx9UH/WeXaeCxpPcDw8+ORKsW8x+X
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes: com.spocky.projengmenu
ioc | process
/system/app/Superuser.apk | com.spocky.projengmenu
/system/xbin/su | com.spocky.projengmenu
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
Processes: com.spocky.projengmenu
description | ioc | process
File opened for read | /proc/meminfo | com.spocky.projengmenu
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.spocky.projengmenu
description | ioc | process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.spocky.projengmenu
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.spocky.projengmenu
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.spocky.projengmenu
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes: com.spocky.projengmenu
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.spocky.projengmenu
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes: com.spocky.projengmenu
description | ioc | process
Framework service call | android.app.job.IJobScheduler.schedule | com.spocky.projengmenu
Processes
-
com.spocky.projengmenu
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID: 4276
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/com.crashlytics.settings.json
Filesize: 718B
-
/data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/report
Filesize: 737B
-
/data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/userlog
Filesize: 252B
-
/data/data/com.spocky.projengmenu/files/.com.google.firebase.crashlytics.files.v2:com.spocky.projengmenu/open-sessions/665E688602D3000110B41B972808A581/userlog.tmp
Filesize: 16B