26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e

Analysis

max time kernel
29s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
28-06-2024 01:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e.apk
Size

2.8MB
MD5

f808f8871b6360e6a1a28e641adbbc27
SHA1

f8ac7955bfdf8f3303cea5a46fdcb359e7a36047
SHA256

26c66da28ce0ed61a696886af8fcf510a0cf40d14287716467610e21c3645e1e
SHA512

07f99ca702e7c8e4db6aeac14dd440bfa30d32a62a8665a527a8feee71bd3ea4868997e875a13b626985f9e84962898d7f0ada412470df8a13050542604acef7
SSDEEP

49152:sfngviGN7xmC8LQqVDVmRErDKv+NH/W1xvidHS+xLMwOMqFO3ue1B0BQHff5JxvA:sfng6C0C8LQq/rDKvgHMOHZxLC/83TA/

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4484

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
12306f3f50e1c0935b2e78534cac7abf

SHA1
e6660d413193768e757c8a395dd7463aa2bc17f6

SHA256
ca83d52bd1343e65ab6f7a106cfe61daf93b1d69daad210aa8eca8963fa07c7d

SHA512
2ec50341fc6c615a03879bf65278b523afb5a99d66747de76c6261bf933fd66f4c2d862e23d02f6bfd0a9b9777d309ffdaa1b8fdcc44c499384133eaea89392c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
202604a4e3598d48d8df7edcbdf03261

SHA1
05e26051f014834ecf1d34a30b4e701cb2088f64

SHA256
4ce9c80cd05972a9c70204056e63d62095d3d91324b7a87f62cf1f05631fabe4

SHA512
fb7042d9e9bf7024fce752c52167fea30125ff95db7da823109bd2a2ad4a4f703998810d3fc67287c7cf4f58729ac87a12f852d20aaa2974d3df8f60d9e95c90

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d3e7cb5dfce992d192ca40253ec4154a

SHA1
ab22865b0c03fd03d3f0220edadbf24c8ef118e9

SHA256
85d338e0c953e918b3a7144e3145d19cd25c3738e36c15a7abcd1160a1fb646c

SHA512
1743473467eeb853ba4b39ed56edd1a5d95088ca497c20005d6242a011003484a0341859627965be0b573d2561c2b4a0e98a0c2ee7876e64859f4e27b8242d80

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3cfe42f0c218c1fd0888bb8f30ce45d8

SHA1
15df64cee5ffbe1ed94233575609520fc5594e7a

SHA256
a9269f8da29221b60f9b8af5f98d8b3d0375a48dd7c0f0432f93bb9fbbaa0d6f

SHA512
588084c367b00048f17c5227c5bf417f34e25b5198e1a155dcdaa52e7d5639a7d29e4af1d344fbd3a84c539c3e761fc81f8c44ef9c96f0148dfb0ee9a803102b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0109e7a2f02208c17dff826c70151bfc

SHA1
e304a7ac4178f74d6a2110b2322aac399c9fca57

SHA256
a94fd1875cf996f70dc87657d14be2b65db422b8bf3e1e80686d87e53dfca056

SHA512
d9c9cbca270687dd1ef4a5c5dbe3fc99b6f1af29fd4da8f55f81013523b4a70b682f6bca185709d49fc401f72a1fa20711211a6fe1029de0efeb4bd5c1dbf271

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d9421798b7aae0c3b678eb8a44fbced0

SHA1
f55e4fd70736682a56ddb3b300e3fe429198857c

SHA256
29da12b9ee100b1570292f3d176d424987a32ad5704ae704d9a991f827fea3d0

SHA512
b8b86784604c6d3bdd80d30aeea440c541511969ca646e97bd8cfdd859be6286889120da66ff0ffed65c549c9ad8f2b99651f056677a72d471682e26d6c2cc9a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8d290663b341fd99956ecad77bf6b9b9

SHA1
101bbe385d2d008fed583dd8c6999d9b50967b58

SHA256
b6f9fdaa7501cbad4dd53695e2f7307425b50a7dd74e1041be79048d43fce1d8

SHA512
bf34a3aec8ba9fbdc52aa302dea05b9234e6fd1fc2a14c11fbb6f19a1e25d984c10251ce0c14ef2df5008e09eda8ed58ff2735c4e4ca36ed94ffa3dc9fa6056e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6c6b004c39670885e5bc26118735562e

SHA1
7430fb32b502b8973a1a5bee426c9aac95f5bc61

SHA256
5d8ad6dfcd34e42b8462a4ea37ed882e688a86026f0031ad9e6ead4d5f76975a

SHA512
06db1a8f4b39d5883c8aa49b6b57bdb64e3bdaa0a1dda9421793c90ca0b7954a1383a77a3f19f708cd8cb75a7af20d673a7e5f667e6c184f945c45c7c549f2b8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5d590efbcdae0cc8b80e98f22b1de733

SHA1
c6d678df9d9916bb1dac1a1dbf0be40784339052

SHA256
cc04de00b0a4a2f623d6223b78e062010f2b41989aa51e15620a21cdc16e263a

SHA512
d70461ca1a7fdf1885fa5475eae66e76a39ba6413370ae58b7f0848d1cdd00652747e81f8eb1b8e0881c0190a21a80b78bbf3a3704b5d92ae33d8014c226be34

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
63d987b347786276f0551c6b7d482eb2

SHA1
4f27d511c6c0463b1bb185405514e58ecc7e015e

SHA256
1b3c7fa677f7cd48a698757497fa86ecfd20ae24e99d70a1bf6f52c1cf40171f

SHA512
42a510baef4d11ee62463c18f73cf2676dfb427f830d7dab65658bb4cbf45582ab3e81ec8a32edc1ec61c96129fc24190c14780b99e00faf4d8b6c4b0b4a133f

Download Submit
/data/data/X.God.X/files/PersistedInstallation818638356325070832tmp

Filesize
569B

MD5
29b383e69f2b3b7f8bd31b15a29c593f

SHA1
d7d29fd2b78f8d0c0c0b48143e492a1ca6d38517

SHA256
7577664e2d69e4cc3cdc08d182665f8ce6d0e59d9ca84ef89c65d3eb5885cf2c

SHA512
70a9ea09b2f5f8e9dd0cd5f30c1ddc7e0b25d3e25177c5984e92f3d525436386303e6c29dedd0ab87cfbcfde7a3e7ad9d0cfd65eee3bdda9ec4fceb06f2235b4

Download Submit
/data/data/X.God.X/files/PersistedInstallation9129365494024161865tmp

Filesize
90B

MD5
f2c3d7f7eb3b47048db6dad8f066e662

SHA1
fc9ef8a229176da4bba0e7a363e275373dcfd31b

SHA256
acd957841f3d66a9db3ac3b85a7e80d8abab189f5e400fbdbb5266bbcd9ea183

SHA512
902a202301abdaf7a3f47bdc8ad8a41970fb28ba7e4d5d130d83e3e3c287e2829d68737086fafcbf774548cd6921bc89f93e26d9f698e7dff3f26eacd1cfa0da

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads