26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27-06-2024 00:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

f808f8871b6360e6a1a28e641adbbc27
SHA1

f8ac7955bfdf8f3303cea5a46fdcb359e7a36047
SHA256

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e
SHA512

07f99ca702e7c8e4db6aeac14dd440bfa30d32a62a8665a527a8feee71bd3ea4868997e875a13b626985f9e84962898d7f0ada412470df8a13050542604acef7
SSDEEP

49152:sfngviGN7xmC8LQqVDVmRErDKv+NH/W1xvidHS+xLMwOMqFO3ue1B0BQHff5JxvA:sfng6C0C8LQq/rDKvgHMOHZxLC/83TA/

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
00e0191fc23b806a2fdc55c48b09cb00

SHA1
1d87d9ef699ff6195781cd82a822cf83b2548313

SHA256
254b62b8998880da3aaeda3b7f7648631a68880184c2bc32cacb90726d1c67ad

SHA512
f287d4e8f4753cd41c90c8726df00f14f3efa89fcb91ad0c5dcd540b6956e2a7eeee8028b04fa19637a00a4d004ac055acb646108d1a55ffcdb01367755090ca

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
70411bf29f754abdfcdf971a1506965e

SHA1
07d39684f45ba15f5df901b7e2ab804f5c41b6c6

SHA256
5d0fb97e1ebe830d03b47dbd4605abf217dc545f5203592e8b187901bca50090

SHA512
07042ab34ac771faf0471e281da660606461905beb99d4bc3fb9011a41ccc13837634406c0cff3ccac22199491d55bc9d5fffe59aaccbfce75b256b04641d3b1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
61171f43c358c009d7ad41ec83a3bde0

SHA1
12e8b67c003abc20bbfcdeb243cd0c8bfc0af114

SHA256
67de4040ab4c8f4898616705bb0782a6b6e443ded5c621a88467fd208465c843

SHA512
7dd5836567dec234a22db885e861e203a2f949479374f9bc30f32292883bd52ec13378396b84952f016257e4159b8a374844a1760c99723b8f41a6b6386cd091

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2fa94528fc0fe726b016f007a3e01be3

SHA1
61de1902ba634eeb33912a96389ef96ef7b1e20c

SHA256
2d2574596766d936594f43712cf09f94e9e1bf359ed204b83007796c2e1a2f62

SHA512
d652615c0bf35c01cf240cf7348db5d89e845af3f58ad328b30a0f8ae36049ae3709b0f8c12b5cea6ad3d9aed291e6b5b912403b6048eedf21969e44744b0fda

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
eaf93a5db4a5d04adb82a290fbe511df

SHA1
4a66ea6e7b8f032f4822e33f04ceda4a09371ad8

SHA256
b9f3313749c3850d9676c89734d288ad7f0b853be8296b5a38a21841551aba9c

SHA512
45749dac4a8ce65617bdf5e4ff984ef68f391ec2c8eb51ab09e11dbc4b56f1aab693601911c1d79c2147d23dd1cae4fc3e09814e06dc35bfb26ebd810d3806d5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a488a09582a679af620f31ac9c330f03

SHA1
aab38d33adc0dbec7ddb1acb4968f78848bd6a13

SHA256
0958f1ce583a720656957f32a5676f6fa7f4c0035c7204d4f4695e9b3ab3cc7c

SHA512
a93e7889635c9ea71e4135e61b3374afa02c1857c2f29fe1e7ad2943a82741dae7a675009fdb111032ca910d4e7b571d6aa9f8da06c0d9d4bdeb457f64166b9a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a68ee60b1ef1790b2ead8430d2bf937d

SHA1
aebbf82b7fd5bffcc4fd4a3a9b7eecb37fb9bac4

SHA256
aecf90d8eafa3372574001f332401dd4b83889cc5a93ed7e3a4320c3d57f7235

SHA512
6e91b972cd9dced359f1bb2718fd3ac9595338debe230bb96eb61bf9a403f91feb5ab25dc72529455b154bfa5c162f8fc81a4aae755c2ea3b265b9eeb335dc69

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
14845988ead9a25143431486c1affcc2

SHA1
325541110e476704ce98e43072c664ae889191cb

SHA256
ca7d1028132c4ccbc92e42062feff11fcd2dbba4ca5e7bdddc70694d2da7d1a5

SHA512
ac79b87dc93c0ca0a3aa87d12aecd642e07971fa4f11e9d1e2dc05b0a17c3a84d50a3e45b7db8ba2fa68fe6cb18621aa2d726a03e21930d4eff48437a5182d94

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3fc3c583ad3bf9057daed0ebdd882b8a

SHA1
ec5988ec4a0b813f3efd185c322d76676750f2d3

SHA256
bb61fbf8c32e327aaea19830792b7e17627d8411fd49925275597e32cc93223a

SHA512
f94588426afdffaf88dcf1a546e0e0a198725a4c8ffeb588d2a87062a5a75ddcacabf29564c23da2f67c95a204b0f72dce5109beb15f2a8ebe64dfd73f92c3a9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7aabf3fc4595c904410f03d2d4058f95

SHA1
58dab5325334ccd697c90a321d2a70d2772295e5

SHA256
4f8bae958c4ccb2f61d6c98ca3e884e4a00ad239c90a67884c15e9962d7dfabc

SHA512
9a22cb4bb7a88c7355a21ca40b251f994fd320b2c8aa756bc71be197693257254eaa016ac8efdd38cf8d7295f33554378f194d54686618b0368273f668856f66

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
c60ddeb477e5d51f395636ec09ed84aa

SHA1
61a85284e98a60518d5e86c2ffcc0b3e17c7f63c

SHA256
f2940659d7cfab698c3b3afdb95f5ded9c0365c97669044f887bd54b425664a5

SHA512
7e6833ff99ac46bf23c2b6641ed0f43ea6347d75640ad812049e8b7fd396de6bb695ff36c3772eae098cdee072511b62315a8faadf02c43913aa5dc6da9e9cf1

Download Submit
/data/data/X.God.X/files/PersistedInstallation5104778914073922701tmp

Filesize
90B

MD5
4c5f408eca8f11cdd19eda24510b078e

SHA1
e16c2e949523dc805f7e3aceb74a6b17af17fa45

SHA256
9b1a1ed70f6d809efd264483a3ee29c222e6a2f23cbfb81dd4f6a8109b5719a3

SHA512
77a3ca02bc90372a956c74c6a166f8ad8c035019c54940f507887599aa5154d898c0c72c621166b1ff1c36bc83fae8d10670506adae36db626408294bf324381

Download Submit
/data/data/X.God.X/files/PersistedInstallation5833740804130810680tmp

Filesize
566B

MD5
53f453cd53737d445b5d1efaea08726b

SHA1
b8306bfcd43eda9438c29b04762bc97faa2c6e4b

SHA256
4caa0508129c652e3c7f393834b882ffce2be13dca143ea161463856b2307e67

SHA512
11e0571937ac56f77e03ff02fcc8e152e534ab61bde0b0e5a0e26be80c891dd03500e7bef34b17f1224242a06fae496c8973e98af3ae58e30df49968ec798c8e

Download Submit