Analysis

  • max time kernel
    19s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    07-07-2024 23:52

General

  • Target

    base.apk

  • Size

    2.8MB

  • MD5

    6bac095ca7c3546e1764695f9c09474f

  • SHA1

    5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b

  • SHA256

    42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

  • SHA512

    0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6

  • SSDEEP

    49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Malware Config

Signatures

Processes

  • X.God.X
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:5065

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    e1782e3e58e25fe02c171b23dcce586c

    SHA1

    b986c7db89112af55aa4fa5a294983b1d679cffb

    SHA256

    53751904341bb902badc82a1a1eed442355862a74556b291f6b4ce23ba02de27

    SHA512

    67a47d5a754c65cfcc439b60d310a5239c3bd4e0b2bafb7abb27c7e4dccec904dcaf5033b6d86474aa75110025a37d6d952e0eba52d1fe87c77dca3cb0736e1b

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    9bc2e6d728afeac8181ea7cffb175549

    SHA1

    bfb1238233065adccff24c08ff2d0ef9813d074d

    SHA256

    175754d18bd780b8fc0a21fee94037b9fd67821f9c1a65139b3ca5bbdd5f89a1

    SHA512

    cd9eba953fe39ded5f82c81fdb34b7381bcd37f49ce7a26c54b03889b7a5f63e0caf5a7392c37b4defd39f7c1162ad7e82a4d0a85066afb2988a50e0b1f3dd0c

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    a63aa03d4575fd0b417800c4487133e9

    SHA1

    56f92903ef22e3ee8073eb777c342aab3b83e829

    SHA256

    24c42246e29f8294d82fe66bf717bb8cb000c9b313d839ddb5034221f8bd527f

    SHA512

    de1b4094b55f050cdcda1c12a22b30a0f2bcfe2ba180da0ca7fb180fee4d6370ce87d50128cff56c7f3a7649550488ea3c92dd3a8a9d63cce862b8712c3e067b

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    60104554f9cf4d31aa421765a6f820dc

    SHA1

    f4cccbd0e36694161e0c6facaf847ff298b366f4

    SHA256

    6e2e98cd9d5a1fff5eba5fb7d5962cb5ccda011446f18dc4e2694826628bfb0d

    SHA512

    061f47ccdc77c18129a28d142ea571462704cb2280410c5cfe31a767d02f05e28f45040e798ce98236d6a2622d92ca9a2b37ea1dd2c3282de5df56c160aab424

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    adf6082723784327d7d1b34adf974e7d

    SHA1

    b1502f70eb881a1dfe41139cb719fefb877ee37c

    SHA256

    252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

    SHA512

    762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

  • /data/data/X.God.X/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    eb52a90bb70b76e946b62f50b6f7fb85

    SHA1

    42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

    SHA256

    48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

    SHA512

    b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    0c9bda56df18e78dd4f895be7c538499

    SHA1

    83cfa737d8d100668d09b279701c76d8af1d1c79

    SHA256

    a93b926ead624aff0a18cf0eec290bfdd2d6937786987a9a770c21bd24189fd6

    SHA512

    038a619a6a4da0cc94e328aa598054e09fb170fed02d2a3f97e042ff9ba51c34098009a40e4e37547abdf11ac4a93fef5888fb7062b54b1bb93054e4f54009d7

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    45673d9966db136693441c3c6725e519

    SHA1

    740742f618203be036cb3e89bd62958ea2f0ba53

    SHA256

    85b5b803bdce71d61b5c1521240a5a1475837b741f9d3de4404d8322b2cb6c0b

    SHA512

    63d102976f6481b641575060c9ef7a52b4e66c3b9ef4be876170dbd2cbe1f1f4005b35f908d7d99b9f589906b778b7151824794e91706cd33f754cbb53374ba5

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    512B

    MD5

    0c90062e1abf39f732ed2287095cb046

    SHA1

    997a155164300cefe459d59bf20754e7c5e788f9

    SHA256

    0b5974f9d16f8a97b3aabb1d7f376a37d3d81cdb427d07932a6750d0d1f9a8c2

    SHA512

    3d32a06e5e8674970fd4a3bc4d49427c74c65ba474d115398a835549320ec03052e51abf1b0ffa8a4c97a18e0fd35e0af814f38e4520db4ce2d68945e2f4e7ac

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    75ce3de679afd0c7dec0cf4fa5855ec6

    SHA1

    28f790eb346555f65154af473c6e8836847373f2

    SHA256

    9973f545f1a81c8e6830fd4903acf6dc163cd5a48384932386e08a2dc2f09820

    SHA512

    0f1c62f481517410fbf17a5dc115bf8162c7595a1c66a7c1ff225f9586d9f5a1dd65c49beb1fa5d4a98aa541c26342f353e5eb1b3e2fca0cdbba458d0d951520

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

    MD5

    4afe86f152f93e045030d9cd7822db50

    SHA1

    7acdfc5a31717140539664118f44ed51fee73f6c

    SHA256

    5b0efc437af207c4a4ead35d7747867792019c2afc126a24ed4c4547b475e6ef

    SHA512

    1725908353c389ea0c16699c90e0229d5d8c46bce570d4ffcb7ecd17eafd3aa39c4b0804983981ce46aee2f9c06c88879d18bc0a9715063fab86fcbea55a9a33

  • /data/data/X.God.X/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    734346ad877eb75bdf80819c594d4863

    SHA1

    b892ef7b0ee7d6d5d20deeaec2236b8331b4a95c

    SHA256

    a9475ba9d0f8ec062d7ed07fd31f176e6e49a4f21159a21500ab339766b8021a

    SHA512

    0764d164980d3f2b8760671cca97409949e35f6423ce6d7239ad4a5d9fb4847adc8cb2303a3b9b6497340d0d56b77a3448e4a03095663b762fd864b2f5fa89e6

  • /data/data/X.God.X/files/PersistedInstallation5629233191819231826tmp

    Filesize

    90B

    MD5

    485ac0dbb64e9eb2f7c25697f2df04c1

    SHA1

    490bbad1d0722ab2ed1982f0939c46b92c342551

    SHA256

    be66f6e9ca7ce257763e6e6e1af9a24ab356664e4d180ace0db5c2b451c35179

    SHA512

    4ed3d931ce045ffd5199c0b7108f5de2e676ebbbc331dcf7a02e9736373324e06a5e4c1a23280928a7f6937d64e86a5e438b839237ef0d9c652dfa6a888d364d

  • /data/data/X.God.X/files/PersistedInstallation765471328823815679tmp

    Filesize

    569B

    MD5

    d9fd179f2057ac305296a99a22090eb7

    SHA1

    a10df26fa0dd30fe6051460539e4fc6e97712739

    SHA256

    122ef1bde087ef7df66d6b586c68ba176629dd9ef32973e251673c7c1a8e19f1

    SHA512

    c094a4aed5be26905ce0a3f5abf35aec6e0cab9782666ad59edff2968fd2b8886183364b2084f6fbe7f03c68fac048d7449fc8de5749119bf38504a5c1348c24