26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e

Analysis

max time kernel
20s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27/06/2024, 00:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

f808f8871b6360e6a1a28e641adbbc27
SHA1

f8ac7955bfdf8f3303cea5a46fdcb359e7a36047
SHA256

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e
SHA512

07f99ca702e7c8e4db6aeac14dd440bfa30d32a62a8665a527a8feee71bd3ea4868997e875a13b626985f9e84962898d7f0ada412470df8a13050542604acef7
SSDEEP

49152:sfngviGN7xmC8LQqVDVmRErDKv+NH/W1xvidHS+xLMwOMqFO3ue1B0BQHff5JxvA:sfng6C0C8LQq/rDKvgHMOHZxLC/83TA/

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4245

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6323af5e50ac99d994549334320a67af

SHA1
12c531a3445ffa78bc2c9eccddf3a150acbcd694

SHA256
ab4cdbceb6d0eea9dbd3a3b2e2a5d75ddcdd0259eb64224542b3a46be61eba5a

SHA512
f05c8a5b81522810bf0ebfbcebcbf87e4fe1ef8fac766e4b3ba29eeaac115a8af8d0af03960b8e0f51c1ad0a34ce8a8b53f11c159f9e0fbaa4d06f47b3aba758

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1a41dd57ebb15c0b436ec612e56f76a0

SHA1
389919f7fc68b59ecc58081a70a87d34cd4764b7

SHA256
a9ec7d1b3fca9e080eae54d50c945ab9f96e30691d94c998eab1b2c4a5d6ee1e

SHA512
9525fc8133490122824db1c1920bf4ba14244cc0bbe20d963c574fbb3796171d729dfc05a8c57808f26c8877962518d0ddd1ce9ad538363973e6cac741289bf4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dd035cc72455ed032612a00011d59c97

SHA1
bcc6c79313444bf6b4554d2b22871559371698b6

SHA256
10bffeb0020a001f8550efbac5e3db439031ea66afce774efbc3b158855bfea2

SHA512
7dba0df50d421556a6cdc1f780242fe4e8f1388cbb8bc00316ffb145d5f65b190c1c1b7238839d700e69dca472715238913ad31128eb083a68e2f0d868bb44e9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
429480608b601bb2ffd2e8516811ceb2

SHA1
a1f734707d7848d29b5637c6af1d9ed4e860f720

SHA256
475d19ed4ad19048bc1616dac729e968b08bbadabf295d40443b0d9713beb4e5

SHA512
3be10a29a0660d2378bc793b43e32d58a147d586a336e6a3a25d480f772b4af19a0bc83639e79c725132539fe858e512a3b25975999d23d16c9fb3490334c548

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4820cdb91f75b587c36debecf7fe8553

SHA1
4901546a357379c31b3a2e149905f3fa881e9fcf

SHA256
814ffbd43dfc1734ea8380958cfb0665f01a04bb42a0c0df32cbfa2095758a28

SHA512
9667e8271f3f992bb56de7a43b3f9e81f628d20c45e012ae010497a62080a75873e45a28f64919c32c2fd1fc215333f850ed33c2cb785302cb0e90fbd4a2da73

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7c1f6bb0e744b68ca7321dbca5faad58

SHA1
30e05e1d7a04733c08d901abda4765a053838fdf

SHA256
843124fbdac98db309d7d8a52beb153fe6c615a032bd888f55fcc959d91f4fc6

SHA512
8a898165b26b1ab28d4377db7c21b7f388351892fd702c046f21635f9581bbd966ed7f9bb244f82f32ca3da3587393a8a6e3f9231cce077733bf3d107c1d768a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
64305892c7184c4a6e6e7add2736c082

SHA1
2b476ea10dc1a671e6046ef6f6582a872ac12424

SHA256
dedcf6d136c0f38c131f50c06428c1626cc4205236bceb1b06bec7c3376df63c

SHA512
1dbf72422ed851e1789b6fe62a0a409d60e7a0fbd61880c37a3880a436865e2b509f6a03d632c3bf6fc08f09d48048a6c3eb7a3c8366b9b2a115b79e31e0c8df

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bbe12fa19a8e334073e91cd4a9ab4b2d

SHA1
960db4c45cf0c338da9d9a6d7d6e596e5a2581f8

SHA256
dbf02005e1217bb3ea805c30e66cf19e0e8126a465277204086bec2ae134f56b

SHA512
5dca84b653244ae15fda47b5be2756716f58d431e8199b82e1f9eac3da4b24e22e72acb8e4327b4620b21b1ddc474ec75fc79678cb1fc34b0679dcef3fbd78fb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
92fda58884877ba1a266313d2f208fbb

SHA1
67324a794ecccef2ef86b8f4d704e21bc65c7bda

SHA256
f294238f983434a8bcb77bbbfaadc88885860d0fab48589dddeeb9cd70678a50

SHA512
5ac8d0e0b92c8b0e04488fbd42b888cdfaaf05c54f3e6f7ccce311933d04bb257c83dfaff88f8454c4419139e7af210e0e9390ef17d0cdcd62407ab21ff9696f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f277472498d481aba9d0d7de1ff8ab5e

SHA1
a522f9fa63125d40de9e5eeb3f281b71770cd23b

SHA256
b881dabbb01811543f01fae472f5d87ea78a6604ab290f7e791671d7119e73cc

SHA512
5365b72c2daaf3e5e1171b295f3b347386854a04dd3f4eb4fcb2afb6ae79c18d29452277f72a0dddbac6229b1e3ca9ce00b21597a41439f357295414593da71b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
13cea9cd6d5bc4740d64c51b94399e83

SHA1
86d3ec95b7b2c12c6b9f050ac42366e766faa3e1

SHA256
b9f8ee502d7b7adc598f3d3ce5d05179dea09ce75f33e8f3cf81138ff03578c3

SHA512
5e4a4258a792c9d77a59cd044957632b0bf12c206964333fae9450792d96b389d544276261d7967d3b9bd7317f422daeab8c3133d531287286ef6d016c34aa69

Download Submit
/data/data/X.God.X/files/PersistedInstallation6307073641794790013tmp

Filesize
569B

MD5
5d2a662e1ccc063e30404ff7eb6d28b5

SHA1
3c5e1eeaa09eee1a18d16ae5a4e58f8174ef262b

SHA256
9d922852ca32d16ac301619598bbb0196158d47e8ca098bdb34c9789cc5f8c0f

SHA512
8812001edf610b267aaa75b7d24160b859fe267157170b845937d950403a06155467f3b6e60c0114532cf2e4475d6822ce4720eb9e8f9504fd7eee161fe89ca8

Download Submit
/data/data/X.God.X/files/PersistedInstallation7305809828189905953tmp

Filesize
90B

MD5
71d2c85626406d348d1bc8f5c6cf4644

SHA1
cddcc94eecd9acd1000186745d4112e3e7b6a4e6

SHA256
da520657d5ef127cd07f36a506ce6345dcfb827f9455f60c19fa418eab6e1c5a

SHA512
af52fe90283f7e5136e3a17c90420f991da25328aa88af3ea8477e73f971901f8f346023eca43fa63602eb928ce46d9cc8f8ff911d30cd8fbd9513ca12335d1b

Download Submit