Analysis

  • max time kernel
    42s
  • max time network
    171s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240603-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240603-en, locale:en-us, os:android-13-x64, system
  • submitted
    04-06-2024 01:05

General

  • Target

    Projectivy Launcher_4.24_Apkpure.apk

  • Size

    7.4MB

  • MD5

    d1059c732fa38ef45654c31d9cb55bc1

  • SHA1

    7ffd616f00aa96e1285f2c9de5f4bcb75e9ceff0

  • SHA256

    3b5f88556f295dd725d74a9e322e31545436cb5ba6d39c2e75d289462c63d125

  • SHA512

    f583351458f7688f71a73144c05c383db03bb324c77df3b742df5461ee4974b4f1a6869569897c50eadc2227288b513dd931f301f36fd3ace1c3bf5bf2357842

  • SSDEEP

    98304:JPfTtT9UH/U1oHN562aoGMpOOCxpPc/ZDc7shvbSA+ORKSTCdi0rmm8x+Pv:lTx9UH/WeXaeCxpPcDw8+ORKsW8x+X

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • com.spocky.projengmenu
    • Checks if the Android device is rooted.
    • Checks memory information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4201

Network

MITRE ATT&CK Mobile v15

Downloads
