26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27-06-2024 00:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

f808f8871b6360e6a1a28e641adbbc27
SHA1

f8ac7955bfdf8f3303cea5a46fdcb359e7a36047
SHA256

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e
SHA512

07f99ca702e7c8e4db6aeac14dd440bfa30d32a62a8665a527a8feee71bd3ea4868997e875a13b626985f9e84962898d7f0ada412470df8a13050542604acef7
SSDEEP

49152:sfngviGN7xmC8LQqVDVmRErDKv+NH/W1xvidHS+xLMwOMqFO3ue1B0BQHff5JxvA:sfng6C0C8LQq/rDKvgHMOHZxLC/83TA/

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4490

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f05fd5eab61ed302e1b4b4ebd095e871

SHA1
e13c0496418d24dccd7799c5dd1761ab779a2065

SHA256
b59ec90a68c06d0f8ae3eaa73675c41a60773850dd00423e028c8c257e8a0a01

SHA512
8e6ec14cf659dd5fbf9f0213d3089f4541eebeee4b5cc8ebee917ff2153c4b6345e0ee0d4e738445ba3b336b21f090881b0865ecc1aa99a8dfe1fcd45aeb1d22

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c06b79e743f2952337dca224b9e05853

SHA1
40e6a9f9d4466869b868db2148e32c3307ee8377

SHA256
a28dc74a723acb50a473dea24624e3ed718bd2c9958b8a905ac169f375d917f7

SHA512
581efb02e118a3424d8dd485546bb89cf3ee0b19327e526af90f56ab2d7800695775f3e9809dbe4ef0751b8b66d92ed6f32d9b44c1222e6a9cc2313eb2618057

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
07846999322310eb9d182a6afd869784

SHA1
8d6661658fbc554dd175ea2eb43c131ffb7f8925

SHA256
bad97c9574d24bfbe7561446c27da04c1dfcb34c80e674a98263ef69fec0d69d

SHA512
0a3fec324917273652737ab346109c04d8290f6ebc27bc3e692990ab1fbeb4908cb9012a6daf6c8b056aa5b414d18fd31aaab2723f88fb98e042ec54b5031ef3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
24967dd0fc119b73a94b10e66fa01f3d

SHA1
ea8061d1e503497235ed388d897ac6defc383eb4

SHA256
5108caf9c42a8053874208f57f1c2f5e7ac0e1557aeedafe82497942ba1e925a

SHA512
94519f9ca8ed884563dd68aa9603004597c9216915aefa94b9dfb80d25ae7e1e0eb7cc772bb4eda97499e9727f400971bc2ad31e5f8eecf774314706e0c50022

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6d0398809bdf7f534e9c48aa5144f4c1

SHA1
55dc50207dfa744281a0ac9e622f89a5e5fed473

SHA256
d67e39ea9cf737df2399d10fc7b2cba8637afc2f2f82503cf639acde00bf1d70

SHA512
db61761abaa5654dbd57fda7ddf5b24d1458af7d39737b68a363b333da70d6decdda5648ce4a77dfda9db9800494423add25a3a12ab3ce0a9636cec929026bd2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
45108b6d0a85d4c7f3e34a012e14cc19

SHA1
0f76d449c2234592973d8001fc9d358307daeae1

SHA256
40aab9fad6b7e70784a4eddd639306381afd0430e95400c1de7aac0aa511246e

SHA512
07bdcff709ee085b40c6b70de083ef98bc30c76fa9fff58884bc6cfe61961fd4fd061cc44bf3e4f393bbb1f7110410e612e57b80fb623892329c1e75fe40b3b6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
138bb07f36c19ba99619bba9b6ba0138

SHA1
4d0c65d9dff9cc23753d4fe02b9deec731744bbb

SHA256
76bea9649792f128a955deb2da308cf1a1b13bd1dbef9cd3267b7763d072c243

SHA512
2e18223b2dc6a27e7ba9fb6a26fbfd21fa2f184599d388eb5fedbc1f0d5ba69e14803a5ab04c4d578c0058acecbd3d9fc538a2795e732381ff6b4459afd02659

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
baa201aa437bca526d6af44ef6109dfc

SHA1
98b504a54968c3b5e7f5c250ddceb9b30f4234a2

SHA256
5f6a1859cdf39e3f326b638593a5c1eb487424b2fe7317472f7e5953e3d5107b

SHA512
5ed75290fa082a0f334f84dcd54f126424904d87310328fc7f4a95181b798e4974695096267a4263b12b06c481505a0d81fcff4e9ec4c0e2e871f819d9608a35

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ea6be0096e006583f75627ebf7eae79f

SHA1
9a7c6c4a2a3b3d0378e1cd2092e3e41a486051bf

SHA256
c50a893a9f746784203324f222985fc71189bc6185b35311847f881f642a9b59

SHA512
a37a21102284e3c5584562162e5b066d2ba2d5f391a85317105e91c17a6e6d9c8c0226d2d175463458bcc5de9b2148ad66fdba66119745a1b8fe0490e0a69f4e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ef1b8e06cfbb063e814de4741e16b70e

SHA1
9ab33987887c43276a062f0a568792b430f8500d

SHA256
6f46e178da2e8cd986faca9941683b71a818a20e31392e9b3c2a48f179ce73ac

SHA512
45775ab3a18d3d6cdbfe5eb87f7c05908ce260661a9d52c76b5b6269b237fe2eb2477314cbfc491455c839f087dffe19faacbf1defb449f602ba938d5a04bd16

Download Submit
/data/data/X.God.X/files/PersistedInstallation1256891102609708417tmp

Filesize
569B

MD5
a2b9422bbe02f5c9498dc775c57f57ef

SHA1
a2839b5cf438995599fb1b145ab38892206408a0

SHA256
b5e307b81b0a2255fd7bc295b431602687705f7e3152f90705ebe8e83a1cee60

SHA512
e42a88e34467759bf8c3e715a8fe004fb0d58a469bc9eaf6660696ff7afdb83e2f5f074609b01334e128fe6d18904f0dd8a37b04e2a661b8df19077c40caeb0d

Download Submit
/data/data/X.God.X/files/PersistedInstallation5818574280339161725tmp

Filesize
90B

MD5
78faf5ebfe890fff22f3d090f920e20d

SHA1
62f4803ff28d2e9d2da0d68dada8c78a310f8e14

SHA256
17c5c21fa16b35f8fa88de1b20c1261b58742caffa6d2a80cbeed54f7e0bc8e0

SHA512
91274fe831e3ae860ac08c589872361f387ee58ae2d95017d60f15a0a751ffa0d36d67f94c4061869c22550872aebc23ac1b9761d6f0f897b5729af92d370602

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads