541b88c7074a33a017a3622118a57cdc74fb212f095de45daa765cbfb13001fd

Analysis

max time kernel
89s
max time network
1811s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
01-08-2024 21:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

necta-launcher-1-6-1.apk
Size

7.4MB
MD5

10bf3dcfba1ce34e08712b32ca33ba23
SHA1

fbae25a113711734de3db7436d5bd4a7ac45d12c
SHA256

541b88c7074a33a017a3622118a57cdc74fb212f095de45daa765cbfb13001fd
SHA512

678e3dcd0a4c9d6bc0c7ba991c374e12d2768d799ed8cf5c355a7b65a0746383952c6a7dcdc1c3fc9878bbe0a6bb12fcd8a283806b03365536441dfc36c0c2d3
SSDEEP

196608:KLjq/SJqOaTJi1fA7w2ZZ6pTFDYFsLO6VhZBsxQpOvC:wjWataTJOY7w2z6DYFsLOQZBsxQpOvC

Score

7^/10

collection discovery evasion impact

Malware Config

Signatures

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.necta.launcher

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.necta.launcher

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.necta.launcher

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.necta.launcher
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.necta.launcher

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.necta.launcher

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.necta.launcher

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.necta.launcher

com.necta.launcher
1⤵
- Queries information about the current nearby Wi-Fi networks
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
PID:4513

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Credential Access

Discovery

Location Tracking

T1430

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.necta.launcher/databases/hmdb

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.necta.launcher/databases/hmdb-journal

Filesize
512B

MD5
cd21602b9f0a02e12348a04340ae6a8e

SHA1
0b36b3d79a635984851e6ccb6c59991079d5bd76

SHA256
61d30bda2f2be785bd8d4a3bc8390f4df844d797fc7573eff3835fdde3d015ae

SHA512
9139030cdafedfbd976ee7017a6298c6bb1e1f264241d65d5a367e3444f1e4d8e2e8a6d307285c718042dae36cba82574c1c7e0c3cbd767a1dc144db5b786673

Download Submit
/data/user/0/com.necta.launcher/databases/hmdb-journal

Filesize
8KB

MD5
df3c05aca6c4da2cd1fd727fce40f148

SHA1
259f08ae3150c3100e7d79c946e339ee1ebec711

SHA256
57968fe2e45759866487a2a9b19064a4fa2b7c455c055705d8da10f7a2ef55ae

SHA512
4e56665b95b778a0bd5cb9bd2445145943b92f0fde5371ccd49b22bdd01da4295fabcaa4c5f9e98d2d4f7957445a3bb3ea18ea907f6c522e648758de261b3b2b

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db

Filesize
24KB

MD5
02aa82dd6943fcc1ef81851af9503c5b

SHA1
07b5a7359503a94d22dc5a6c57f7fa41b32c4c34

SHA256
689e8e4ea488172921a3963ffe66fb63b5f56d3498b58ef2c260260f5a321471

SHA512
16fdc1464a2f5e95169e825fa754b40c9f75f9c7fc7d72cfee81ccae1411aa07e8a95f0481a6f5c7bb69e615a6f98dce2883a43e856afe675333d10b773fb0e9

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
8KB

MD5
05cff60c4bb471faea0c69f29fdbfa3c

SHA1
d455a5620227a1db93b5be5a182e67fa92726ead

SHA256
43fa622896f1eea5f032575481a027e25fd0ac7c248d8de41cb85cb4e14605c2

SHA512
020608ebc295b1421578882ef1c0f3199c23ba941577a09fac3d2e4a26723a26f2919a492f02e0aa09e78c879b71db7de93bca7c21afb6767e6d8649c27e2114

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
12KB

MD5
eb8937a103e8c336a79aea9c905bb86d

SHA1
1f0d67b846da7e6e544bd6bd8c8e0476c005c531

SHA256
d6901699226d9483087dfc10dd31a4668c6377cbe6728b6a1a69c5366057ff75

SHA512
5b1f511195e29c5f6e1f11d51fc8ee24cdc76bd2db9dc35f67bde34caf74842448cc659ff66cc0b45301366ed69fd10e882afa06ebf6f8bed11f164ab6b9987c

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
12KB

MD5
23eab9da0563912ecb7e025f8a684d8e

SHA1
e72adaa1153d16f1e88b693795c9a3023a7051d0

SHA256
2f90ede0fb995d1ddfeedaaf23ff432a0d6df9b58b1c49307b6db947d5fd1415

SHA512
34f7bc44eea71f46f821bcfbbe56b20c90786cf3373cad05d67a08d5bc796308aaed7c814e85d87daf82d587f57af28642b02b7b06008a2864cc2f1d3e8ead51

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
512B

MD5
8fb842ec905fa5aa03f7c6180c33b7cd

SHA1
4b45f094ec8e76a0569e89e73fbe8d34266a4a6a

SHA256
e2cc106aba6eb435690c80d773123cee478a02b48a6f68f199ac7f3f10951134

SHA512
7d40d073eb7d176b1371d8391d9c76af5aa9075ccde3632a5c54053cb04132e1eb910b734bbfdb3bbd949ad3b0e2e736a9388ecd702e0ec7244b6747ba7115cf

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
8KB

MD5
56db98fef950973415586d966c85e195

SHA1
50c48740dfc5138422a53d37bd724f6eec4c7f1b

SHA256
e4a8e8433e408dd79d45872ea634fc56325546bbf67e69c2e4a2f45e7ef165c6

SHA512
8622bc9ac1a2935d28186280220742bd8d20d4420488ba80c0cc5d5f9e32fade3ef9a1c0f8afc85f4effaa4a0763b4d08110a6c08c8e364906571f664531e638

Download Submit
/data/user/0/com.necta.launcher/databases/launcher2-db-journal

Filesize
8KB

MD5
ba27d868becd6874aaa67d6867acf0b0

SHA1
664b297770201453bfad998f48e6038a06dbe262

SHA256
2ae638578f8e04b394ec4714026be6d72af59e1f1944d5915fd1f53aba664327

SHA512
0276544f3ab7305989df1bc8d65be7e1b7efa347c6442f372479a29954eefcd511ffbdfbcd1043c22dc446388d2c03cf762e8083b82898326af2e2c684e7dec2

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db

Filesize
20KB

MD5
c4e6e91f8424781973d49bef19329834

SHA1
b507196b46c6af679c004f9a5bb2dc1b319b10e4

SHA256
701ef9f1e84ce4dfb09181ce60c351bad0623bdf8f425aad4377cf1bdc70fc56

SHA512
85e9fd3489fcd273ef273125362b7d15cc50441108de48cb883085e143aea0f22a665b8effcc93fddb081b1953531652cc39877b1e7b1a3e73acb152b9a8ae1a

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db

Filesize
36KB

MD5
3565a47c51d36161e23e969e572aaab0

SHA1
623cf5ba89b15c26c5e8430aae05164a4f1153d6

SHA256
9289b32ad16aad8e7e8a255cd4033ea6d0e64c09ef8c0a808038ba7b1f51c0e8

SHA512
e13e2a6a91aca8edeeda5bc319ee210c44f0c74277894b54c0627b19284fc37b6299817d2ff126cd1443b5bf6c300773adcc659b7943b14461b9ec3de93a0447

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db

Filesize
28KB

MD5
127f5a3da024274882ddff52e90b83e2

SHA1
4619105f701d889e8dae52ace722c0dfc9ca61b9

SHA256
50148b17a21278f9f8a9d151b4d882a16a3dad07188edf2ae2491f74938e11e4

SHA512
4f27bda26400fe2817b5905e428574cabda98df31c851e3288fcae866b1ad7f8982dea020314dd04be00794da9c06c6e0c9c942c60eb42812b7a24aa679ed1bf

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db

Filesize
28KB

MD5
29a08f44b9e05033fd47c097949c2537

SHA1
339218d5a6d036e744517a2502c692fa728f28f7

SHA256
449f634a4851fc8b8be1fe25ec520673a1f62091b85b62f2456800b8fca6d9d4

SHA512
0d1aa0200309fb7cfc7e88a6688eea5008e11c99c92f89c4169d5c8408a3f4f9abc7623e569a1faa0666ba43a6786788955e052bb5dad30f9d975ac1927d2d7c

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db

Filesize
36KB

MD5
a925951bbef27a9ea507f847a6ceaad7

SHA1
34b73ba1b11a2423198826f820fe87a1b8cc13b6

SHA256
1dd2d23b7c64bde28175205a16f99abac0aa5938d31812c095234defbd1f917b

SHA512
4ce18802068f8549fae1d3c594423476753deb776c57acf8ddbacb47360db50c922452db037b3c2d852f28147781c6532a141e9cfae51772b96958825e7ce5cf

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
12KB

MD5
ac468c57f3d8d209644b60431e32d56f

SHA1
3e1fcc5249416a981c80197e9362de72b90cc54f

SHA256
c7f75901e11012c5e069b20915d5f345ae045cda65e33d8dac495f18188bbb8b

SHA512
190dc377040ac508f63f6cfd6adb1fdfc70cb7e89d7cd97231f7ce705d340458c10dc90a0e7cf0c8df21b9e4ac2125855cb78bcdd89503fad8bb1835edc1777d

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
12KB

MD5
9bfbe17a95c5dd5ff58cc2bb15ef13eb

SHA1
6b53b31786b15ebfb9ff76606ec6adda14c001ab

SHA256
6ad566fececc6931bfa5510a6ca8d9bea47569611e66d0931e4efd5917c2444e

SHA512
84ee8c2b09a3a78a793865cfd3024b95762f1621ea27510d956d36c41c86d16e3e633a3fe9882b876e334f18d98d857962ea8933e255cf16e4c7b589b4064629

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
512B

MD5
4fe927c4bffa74e7436c77246759f8c7

SHA1
290f89e3f6f5c54ef74d2dfc90b402bb053b4412

SHA256
4e9db64860e50e50bb0a172e5f955a9e0b2f426bb076e6d22dda2668ac514ef9

SHA512
713372f0ca9ee7d7e734b11764689ac9f789b13ce8f609a4a08432fa84272013c53564ac619d502727fda123fef3b6bdaaa1119642d6631a094259e9eb9a5e93

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
8KB

MD5
f0ee6e64b90ecc9e5202219d802cffb6

SHA1
6fbe93a743230598274ed72d7a1940b69e1a9041

SHA256
486ef87158c253c1f830ee195d7a7641ab0f2948bca9fb6e6c16c807b9654f44

SHA512
546f8e00787213e7473157c7c95f3e945ca3b3dd794dddf7345572823d787e4b6261ba2b3b913cde75dc83ac90b684b20c4e54b8dd8c82d720f3a610c9afceff

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
8KB

MD5
1dcc181e69b960d8b75e3f212c72a405

SHA1
a5c5a48960dde85fbb76fdb761219f40542fa74d

SHA256
28fb1b89caeee2baef372b7eab215135435815eb45a471bd6fc6b1390dadac5c

SHA512
7319c42494f1c2ac08b8dd4a0ae68df58b778f79c1808c8ab1fe94e3897bf4aaa7a8fd09b8a00367ec6718c8d3ac429fe913a53d1f635a90fdd8a613e146d5c9

Download Submit
/data/user/0/com.necta.launcher/databases/logdb.db-journal

Filesize
12KB

MD5
67bd88bd4998a6aef21dd78f96e5b2b2

SHA1
fc0eec169ee5d87852a13cd9dce1cfc7fe23a98d

SHA256
c21c1d3be6e7a5bd9d91029a40457cfe5bdb561737a6138a58f9a2bfce61c204

SHA512
e4874a2569da15a42d87056e142b785865fac47e6195ada1f6c9ad8ffad62137bb3246d703fb0048e2cf02fbd38d0c8b71ffcf37358fa1250d16a169ab69f377

Download Submit
/data/user/0/com.necta.launcher/files/a/b/3f0f4bc4fc86d370c24c8b7af27275b7.0.tmp

Filesize
1KB

MD5
1cfbf94a878c411543c95430d0333e6d

SHA1
377d2e61c56203c64ad306196f20c56dbc10ace7

SHA256
2cbf629f8f7f24935955052e902e415067419d6fa36be1d2b16044e6e947deae

SHA512
e842412e713b53c19d50af58a7051e0578e9acff7f40237f8a0427bfc32e44296810e01ab0e774aa7f30f89f845e5e5e3fe04b8e68d560beab5f4a61e98a5287

Download Submit
/data/user/0/com.necta.launcher/files/a/b/8df87154b22e0db6024452be1136d4cc.0.tmp

Filesize
1KB

MD5
ced446970d99f52f6e4e59c5e03f7755

SHA1
051241d949993bb398124bb5894ff678ecc55a70

SHA256
88920efd050548126200bbfa5d198897075b896cafd52101b4c43e6a1c32966f

SHA512
639ce82f6ca2b8d37254e895716751ef1691f61bbaa3ff14db5d1b0ffa8790f697000a791f0d6b038ba466cdfb0864f6479ba014164afb708e3c430118855b2b

Download Submit
/data/user/0/com.necta.launcher/files/a/b/journal

Filesize
114B

MD5
95808c62463f2bfb79450a3e3d85ea1e

SHA1
4bc69761642f1d3ad3cc186c3c4d7a8edd626aeb

SHA256
0e01cb302410a5879c0db2f9bf8e468c55a19c58a47cd6ed7825665e17aefaef

SHA512
ba1bb4540246c1090e5abac3a4ad74cacb95b9c97624645e9fcafd8c079530de29b0180eaf282befc81fe087a31d8e13a80deeff5bcf5300608985498f4d8055

Download Submit
/data/user/0/com.necta.launcher/files/a/b/journal

Filesize
197B

MD5
7d48b645275e4165c179f0318471fa66

SHA1
1c8687b4c1cc950d8a7859c3883e1d4278b0e66f

SHA256
de73e63678a2a1fbea72ebd0874d0de9da5f09a0fae6998f8baa9614577fb670

SHA512
94ab14e146115e747ba83b425add4b3b65e77cea537477f875aea70e01af412714ef5f3602c913cc8df0b458e3dee71c304ff9dc3c90ca30c5c4aa1da5c089c5

Download Submit
/data/user/0/com.necta.launcher/files/a/b/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db

Filesize
24KB

MD5
c5e8d4c85a21533273f93f25450d7a56

SHA1
805e4946014eb874ce3a9bced9424b3d93e39de9

SHA256
caafaf42118ca215221eefecfe1ab40bc4df4a9e0e64ac81d88d0754e3a33b2d

SHA512
a434367e61920c99a72deb820a3055b2336274232d81ebf0c29a74f30210dd0b87be21e0137ce11863eee4edb88d325220d9e4e8400f3c92435cce4b5dd668e1

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db

Filesize
24KB

MD5
ae5bf49d7615b7e6bf23c00b64f0379c

SHA1
61c2d8513473cb06cd973f2c2028d2e2d5433648

SHA256
d9099377c3c59d998f6a181700d99198ddb446e024a552375047bb675565bddc

SHA512
a2f9b85e2bb14df5df4c04c4489b42ed09eac7d77cc6d8eaac4af6d7e5ef4c0a575e3dba2edf8bd5e8619e14c243bb173047984a50ac693c2829da42bb130c8d

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal

Filesize
512B

MD5
dc9ae22b82256780bbf0c6ab8d284cd7

SHA1
2d61deb13ba1e3b2be5ec61e84f405015ca1e788

SHA256
9092d8d79900a58f8fef8803540cdacb59b7d727425c88577d9e7b70c9723066

SHA512
c7060f827b19e5571806ad722545e4ab9078f37c46307bf2ace4dceb139786c99a0b3c691c4376a7cb1fdefbf98e44ad696f9322c09f39e2d526f4a63eaaddb4

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal

Filesize
8KB

MD5
3ec39430f8d61331f474bbec45de491a

SHA1
0d50c4f68abf32deddb67aac2ffd43366790e9ab

SHA256
dc671863fa8eeb791fd0bf6f9639632a0a82b9b8a465040f8b538ce8f3760170

SHA512
274387c4704592a054b709cf5c77d6e233a3b3ee9242db22c4a25af5fce2f32070c4e33582e87c849622001ba5a78f2f446f9561aeb2e5c3c112b88bc44d1bee

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal

Filesize
8KB

MD5
ec3e831958ed480c19ea956c968764e1

SHA1
b040d3d891500d699dfd6fa78d3ec26a0b60115d

SHA256
41a724b6a6a6f0cfadef7de621b6e3adf6e4db87af6ceb86b7b5cbf179f6a97d

SHA512
324ac570a58b3502c8e3344288ee215a05102a9a3dbde4be03303a7c6f124e88730b83865b1b41bee0f87de472b0a8b1fa5a0a5a81f8b74089690f9c0c584729

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal

Filesize
12KB

MD5
3a4ca28a4d442e31f8f91f40113bd253

SHA1
13d331a1ce8c537ec55a18631dffcca5c85d95d1

SHA256
4ed25758328900eba4e6c7d5028fc23173e686d098cb71d58139235021c93a6f

SHA512
c76d88fc3861b42372667c6d13b276f5dda97a9f5e56980edb45f89108f579a17731b481b2755c7e42b82692dd0f130ce0e13e32b0cec59ec64a062f202b59d2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads