Analysis
max time kernel: 19s
max time network: 156s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 07-07-2024 23:52
Behavioral task
behavioral1
Sample
base.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
base.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
base.apk
Resource
android-x64-arm64-20240624-en
General
Target: base.apk
Size: 2.8MB
MD5: 6bac095ca7c3546e1764695f9c09474f
SHA1: 5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256: 42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512: 0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP: 49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
X.God.X
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: X.God.X
Acquires the wake lock 1 IoCs
Processes:
X.God.X
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: X.God.X
Queries information about active data network 1 TTPs 1 IoCs
Processes:
X.God.X
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
X.God.X
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: X.God.X
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
X.God.X
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: X.God.X
Checks memory information 2 TTPs 1 IoCs
Processes:
X.God.X
description: File opened for read; ioc: /proc/meminfo; process: X.God.X
Processes
-
X.God.X
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5065
Network
MITRE ATT&CK Mobile v15
Downloads