26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27/06/2024, 00:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

f808f8871b6360e6a1a28e641adbbc27
SHA1

f8ac7955bfdf8f3303cea5a46fdcb359e7a36047
SHA256

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e
SHA512

07f99ca702e7c8e4db6aeac14dd440bfa30d32a62a8665a527a8feee71bd3ea4868997e875a13b626985f9e84962898d7f0ada412470df8a13050542604acef7
SSDEEP

49152:sfngviGN7xmC8LQqVDVmRErDKv+NH/W1xvidHS+xLMwOMqFO3ue1B0BQHff5JxvA:sfng6C0C8LQq/rDKvgHMOHZxLC/83TA/

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4476

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
118848c0c96fc7b2b846aed55d469ee8

SHA1
fb03ee018536b071754b7b4c59fd14e55ead4e0d

SHA256
c945d96341ad7883c9897950bbcc80380d00c5f3af92ac2fbfadd7badf294a8c

SHA512
947f8ce831bbd008144f166f5e0fbac6ead76f728c162f14af5dc55c7bbd7fecd56ffbe1ba33504d105027729aeb5b69bbc8d0069aa2a63a2a7022922b0a6aed

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
469fc5b02380e8fef4889f8ed3b8d6b3

SHA1
4f8395f6a83a5ee0647af8120ca788315b3c67a1

SHA256
7b5a1f81a8ac816469ef7943d9c1c690fb6465d22c44ecb5545c8fa60668bd22

SHA512
a9e5de08e9e04adcdfb645779ad55d2cea0b5d0415f3a3c4f817baf906c18a964df541f821ea496d691434a3db849e7b79c30ad4a1827c14119449cfea00bc09

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26f97c3e96d14016d4389e2956c55576

SHA1
28660eda00704333da695405c527aa3fb6063b84

SHA256
24de7ebbfbdd00352460ce2354ecc514f0b95891eab6043dfae0abf4160563f7

SHA512
5155ac4a80cba79f0f8c61cfa3048170c0a2c42f0ffb91e1e9ad73de2c8ca73e33ff4a2b8891880fa24c625bf5d6a0df8d556c0a0412edb03e110b5bed56372e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f494629fb9d8e70b9a49804d36b672d8

SHA1
75fe83d69fef6e806da9da4508064007aa1591fd

SHA256
9c86e4d894cfe3ca96a1fd8f9a7a8f9faa2dbf7a4df4ccb733a9575a6d695ee6

SHA512
4af65fb58bedf244452b4f2146c2aa45c0d4f99fa03facb087520718b53a64b6aa429e88f989d70d4874d4e069fa92d7383ffd24fb64528d3996e5e23751fa9c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c44d3666b6680eddb630f20b9bb05fb4

SHA1
d4bff4dd4136d1595cbd5c727efa17117be80167

SHA256
246422e276a6c7d6961c6e0cec9ef01683e47294932e5d38ad2f9d3071a93497

SHA512
cd74b8b5a8becbf1149e2b1093d1bd564c91df41f7dc917524a671a1979710d4a05a088ac3c7e9438be0ee6f28a0b23fe0393055a9fc4d7303edd80160b445f7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
10074e954bb16de256954f06cc9c8041

SHA1
c6465b47439e4b3a43251291fd0da061aad7e745

SHA256
706c81a1883492aeef18c27aa3c65ee4848c00dab93511b3e5cfda804e6dff96

SHA512
d832da97ecef58d52b289d57c4d7e626c033672acc53b30fb88716582b32b5f60a113afab9b65aa9f8181b91394ae2a2b0061226bc414eb71b02734dd2044833

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
046539da835a1871d969b2de186bb041

SHA1
12b94947ba92d5ddc522c8e92b9e7043b617b180

SHA256
7d82fa86ac86c671eefe3ecbb455ce02b6af43f76c82cda62633893b550289da

SHA512
7e451683579e1dac080a7094f78d5837276d29cfc00d5a0aff2cb61ed0b0903aa76881977ebe693ca09af3402d917294eb0bee8893de0b3f4e24a9c70e6d342a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d6c78b40362bf89a6cdee1f5f7f878c3

SHA1
b639783d2d7415ee7ce180079cf73c2211ceff8f

SHA256
41413a0912c5a3bf101b8f957cfca6c83ad344e7853b38ce8f772dc4acbd4805

SHA512
e0befc0209302399a3934b4317efde3596d3ad9a842314648378d046b43f152e62fca01db6da62903099d120646e4963a5acb90edacb7047c5eb8bff091eef9c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ca8388ca92cd98c23cac3debc52ec04d

SHA1
f594e1b2b0a10cbaf52a8f68fc48ff760093aeaf

SHA256
1feda751b2425911959b1e687e07815110a69b6fd23fe87c441a81bb2f0f4d5b

SHA512
9acc73bfe49a9b521a93d3dffeb2820cced416e539df849c36526db47aa5813c9417cfa4b2377e3d447535f026873077e1e3474938999b81adae2c2524d2a2d9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ce3aa1a558b986f90813352ccc4dc4a5

SHA1
49624cadee9dca9936db377bc93c2843ef2e66dc

SHA256
78989b2184a34fd64d915a913aca34d49bb57aff1726258b36e6dfdd4addf8f5

SHA512
85f7f0afc8d873cadbbf43d2531cfe44ce8071b07d36801f216e010f249ab35819be89ee655bde35ec90958143ca9ed1abcfc70d8b4e30f28e83142117448a09

Download Submit
/data/data/X.God.X/files/PersistedInstallation7697793605487737409tmp

Filesize
567B

MD5
c5acf0f8411080004cf72607117ff375

SHA1
b78378c3f970b498868679dd95fa7d56a0f46aaf

SHA256
57e8ae2271a548d01ac549fea17b7c117d975b7a64766d5fff9f698b3b72f277

SHA512
4a0d118a877bafd3e6be1ec34dafa01f0f591aaae2f34c52200a53951326ea181fe8de633b7bf014d9d5279c646bc007dbcc2fa30a3d330a14ed0299a7df315d

Download Submit
/data/data/X.God.X/files/PersistedInstallation8594378790748023198tmp

Filesize
90B

MD5
5dd00f57cd35ba0c51bd4ec091ad8972

SHA1
ba41f8f5e973b13a9e78a866ea1220042c01fd62

SHA256
059526eef150cd609a0d36da038129e48ea0fedb8d1063050fdbe4df632bf00f

SHA512
2f2382e280a2a0563f7f4b4d1ebba6c301c881cff7c48365d75c11a02244b5d51493242a60b5853a7508c38e324df492cb26ad194c01f8804b318c9ea3109309

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads