42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
07-07-2024 23:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4259

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c1b764b6bd850e7ef2788a6a89fd3dd8

SHA1
4530347c211ea52d4274da294722adb5d6c5b459

SHA256
36ae9278da75122b9e3477fffff10a8648865b539249208d82405632a891ef04

SHA512
0d51a32451bd326974cb6ba5bf821751fb812dd16eab2957acf1388bbe6d090a8c5992eb4cd98777216f7d295f7536dd569eb6931a39d831921eab063fea686a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0731be891269272074e2790e21a8aff1

SHA1
6c5d533e26ff1a3e2fa0078535e73fe982fea784

SHA256
6204b41ee8bfabfe06faec7fbe9e04384610c5ca1c74d24e197d9fe92276a789

SHA512
bada225b709a98cf33744201750b285938cce2552764dcbfcde1e7e7484fa225cbae48ea1af50c18bbd1de93e188bcd3b6372a0ec3f651086c31371c2aa4c6d4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9cf37b7756fc230e69258ce3ec457e0f

SHA1
5d7479345148b9dab5928e472259e0223431f177

SHA256
1f46c966f28cc8d8d814c23d7997b689240d563fbe7036076126607da0cdb4af

SHA512
473f836ed3940d30eef98b3827c57554bbe52a2097937b1552708e5315a04999e5ed44a4342101921524a4f4c810192bba2f94449eff4a2d56907145f9ee559d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
402e479d680d6ca8e5e6f60eda1b0a98

SHA1
97d13b9f62926c85e546216c86dde1bbc174f8d5

SHA256
c6c5606dc28830c57585b0ee1749293f905c4431557f1af28e3d673e1e39d4f5

SHA512
2c845f5db09c83401480b96ebaf8c40730ff01395fe71672242de8c6a5bee3a2cffa96cf2a9b4e411fd5271127732ed687f9b5308dd5ebf2d1b29c1af1ddacd3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
29e56c7f28093ede3fe35373b5af801e

SHA1
ae8e98dd2ac8f416432701ef7f32b6c86a6c1382

SHA256
7792fb68ba5ad6d96d00d9b3879173be0b3542153a8033334608a5f30c317d34

SHA512
ad5e6584da402f5bb8b17b6b7b1c4b544b6b191189d5a0f2dc4bf0d8fab1e9a1f1a14e4ccb4003a2c7b7882cb23d0d24fda04994181186c388875aac59613baf

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f1b391275f5b14be2e59d8201de5e8b4

SHA1
0138e3ac9f524667c68cb8ff6682b9ffc33d4fbf

SHA256
3f429ba950650f633a542013fd63492480dfffc0b74854c38d4c1b5f8127c83c

SHA512
47a1bcc1d66849852c63b94e92136224b1c776dcf57dbd5a9150cce809d1e69818c51b893cd5a0821fef1947fdc3c1abdd149c9ffa815d65b10df62035ca24a1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4f124751580ac930c710467b44cd24b1

SHA1
0bb42886b35111aa54be02d1ad560c41b5e8e045

SHA256
1d5c99b3b522e164f3b46dccdb2bf2b40cc4376606ad02b11972e97e2304e32e

SHA512
939674f56dd102474b16c4cb6b884a95c9a9645025d9e4719d4422e4cdf7bd2d5f307f85906290a8ae06c33c1e37a7f30246ba065e08f08807d952977c84623f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
879d31eda422db5b95abe707b6ea2a40

SHA1
187bd35695213a216ae5264846a813cf6ee25c92

SHA256
be48d6240cd5b589bf62c16214c2b6e1ed07700694d6665c520b9b0b4cc74be7

SHA512
1c8bcde31261d6729eb8bb3b35486c9894ed6b387c27f2029114a3ff72ac8b96ef74c84f89092bb8307c10e6c2c61feb231fc20980095be004604bd7f400b48c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
33a10bf76eb0f566b569be31f280d836

SHA1
9dd1e7edd5488ff1cef089fe0cd225408d84335d

SHA256
26a5d573794e996ee83d17b7a8405eb513c3750d1d77ae12472b54174f8eb27c

SHA512
0e7dacac1cb87d6a649c6da2b72a05ec744c11c0aa6e00ceff4bcc70d6db7ad623da606e90e3533ab9860c7bc5ce2480b8afa2ca0da2d1d15215ad0efb26eef5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3ccd61051d3974758a4c238b50ce8b93

SHA1
e0a73509736f9cc2ea51ed9d0ee1664fed6222c9

SHA256
17b65aceb0dd2c30486cf35ca4d863662fd127ccc5a7853c537dfba2c342b9f0

SHA512
9ab28b94afa96502ac5738de91bdebe4f38abee5e0782a17f415db570efe563e0ceabf908a2750418452239a9d79070c30c351dac1826a3e4b87b8e36bfb3059

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2bafc59f18252f383f305dfb2863e142

SHA1
2477921deaebd1abc2485d4489e3da19073bd598

SHA256
0728d5f8985fc0fb53997a401585231790361efd787f03b82814921896dba0e7

SHA512
66dabd73c478e2b38092043e510c3004b490bdf5af9fd8e438b4c1b879bf2739d91515e83ad62fdb7d61a4afa10ead1deca88943c8ca20f5ed7d274d0ac5604c

Download Submit
/data/data/X.God.X/files/PersistedInstallation6587673878402821098tmp

Filesize
90B

MD5
8be1da5e78a53c2a688677c8f56fca99

SHA1
98f22355680bc316510d76148f6e13f8032a1bfc

SHA256
e0fca0e7a6a817a4a2bb671920f7befc83c197f52e8179f23c6f0412b0534980

SHA512
d15eae7ac1f987ab350d60493d885d17588517de264037191743cea7d4c3ba88b7cc6614d7e65394066fd992ccb3609cfa9a15a04d66dbf1c51f35b1e7b18229

Download Submit
/data/data/X.God.X/files/PersistedInstallation6958962718121405816tmp

Filesize
569B

MD5
9ee70977c4fbfc84803db8b68a61cf1e

SHA1
45f5d8a60d8354b84d4c0fb81a93786deb426820

SHA256
2b4aa8253afcb8f10da0a117cc0774fc4dca1e0c224c5ec40b4bf7f858a65951

SHA512
8bd7148f4a444d902c6c419e36b61e6712f71989dc6fc74886dbf175ed42344b54abd26389b6a1ba3caad230e9405c8bf8d3a4543cd902c3a6f9264c0955e3c6

Download Submit