42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
20s
max time network
131s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
07-07-2024 23:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

X.God.X

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

X.God.X

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

X.God.X

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4642

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2a5f367cea9c1229a343215b2dbb715c

SHA1
e31331a32f83d39df4b801c2a921f01a825b56af

SHA256
c454efdcc14736ee93c61770faa7997ca4af70c1248068ba2e570795c1ebadaf

SHA512
56aa1ef1dd329d45ca7005e4573d0695dac09d8b9a369556dc8d1510dcee2535917fa5d8350f4728228ae49dddfd12dd905bd5f00dc523cd202da5177d44345c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ca06084d17f40c9e286ee0c498f8725

SHA1
3bfe8bd07ac0d9b40ee0ffbcbdd2005b430c486a

SHA256
7de71aa261de9ca57f6ed984816ae41bf44f19fc0190e0416775a84d564a77ab

SHA512
e7982769475ee9a33816792302b0475cc0ccad5a16f179338a5526d0e094b4574ecedb123abe0a6d96525785affc970f2d8a42654d9d440ac97553e5538218db

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8d11af925f0e2acebce378daa87c149d

SHA1
7134020bac5763bb797f47924ad811a1da02b4a1

SHA256
88b9fc1756425bab41f631d77a205052d2b070e4a31bf0062f9c50e3fec57d4b

SHA512
d0924b4275656b9edc21a6e1c4c452654c5590aadf65183ffaf25ea06d96b975da84ef51c56f783067c1768e972acc4a88f1ed8c45d79dd762741bb7904718cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
39078c3fc694695ae250fa1773acd0b2

SHA1
c5f86df617c25c789d85b8d90e1389f58d12a1d0

SHA256
f20ad46115c1f33a7ad1b579143b55481e6c67548e443ae6a70b1d8d44ba7d7d

SHA512
2726c54e10f95924c9d1e50af77a4a4ac65206624c028e09a5f6e9cf71b4de541e8c7d877b87da035453f09d4ae602ef9ec4219f4ab0e0e9911e207f1da7f2d3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7f095401831f837755aa782b2a1a53b2

SHA1
216d1ae20f56230e94b350f3c27475cff0dd35dc

SHA256
466aba56a50fe1d65ae164121f5cc71d3704b1a60d41d552d7fa338b6eafd7b5

SHA512
43e171b077905801fcfd13bb2ae1c10cd456dd14c8904e147d531d5c14bdf8bd773636056c4f40ed718ff455aa71125bf2b2366e22d78ea234cf61b70eec960e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2ffa8cc1c9654fb6f3343a1a2ac9749b

SHA1
3d28a9755e8920f6ad95f59090182549208d45a2

SHA256
d3bca568ed88863ee25330a54a35a0c69653fb1500a7447fbec03e3ba35234db

SHA512
a9bf1b8ac12757488b0219b6cbd4eb9ad4df31af4d75748205a1036fa63670bea6721403852db6da54185b67030ca15267773d57844e60e46c4eabcf71304159

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
607107a4b5c4c5e6089cf6225921cf1e

SHA1
1ba583f76f5b5f550ae10bcef72af700af6e6332

SHA256
03d090712a874889dd879e9c93dbc96d580702a7a7af920dd4399f2bbfc182d7

SHA512
7c25c4fbaea016b5a24754204bf2a840df1323ab56912b1db3236b15ca1add71a138b810cc5250a524064580b6012781189f183aa337c6c23b3277a1561c6c5e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8d6086dd885964266b2fbb3bfcdb045e

SHA1
4f8e63204eab6984888d5eb0b6246ca0b870c95c

SHA256
392924c47b6ee09aa022a5347d2ed83e4f193b5cca5569cdf254f4c50ee30c49

SHA512
ae10b16edf8e01b0f2e04985a3027f91f6a3d75cd05b6ab8da992ff43c463e858c40c2061e74eeea12399a5b7c969f9481911094dbecd4b4e1839de4c0a2f098

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
dd4b8a0d097f003b33aeb5c934df68e0

SHA1
4c84a037f89068f2c2bd7a5fb406db1547ecc1ef

SHA256
1fc1a04920a6db7e79dff6fb65c536c0a09ed80bfba25835caa16fbb2ba329db

SHA512
0dbeeb4ccb61f2cf919e4de9792b05c58d3a59c05a97e250db9dea16df163220f2a8e2329251ca2d58c51a01c70f5f3ba11794ed92604b543ef16a807c730b97

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
63dd22c25d66a1aa20d05504924217a7

SHA1
fcdc81d90dab8bdb1b0359191f870a890e3e3a69

SHA256
7ed78fd235b8bcf24b1dd56c571996c137ffac17d46412720398219efce06df9

SHA512
6a237ab44a29c82c25cd88cee6420c42b55d6671a78d3dc4f026ee6e00901b31bda9176b49d5603936e0b1cebd06b2b6cf03332d16754d1ceee2e52e17b0887d

Download Submit
/data/data/X.God.X/files/PersistedInstallation5262381754506598153tmp

Filesize
90B

MD5
d0fede358f2a6c13193a3ecbf0cdd45b

SHA1
5d35a4223ac6666b20edd2d1c83342ce3f3ee5d8

SHA256
66167872ef13a559cdfc1aebc5f477e2dcdda1e8c3f3bc55d4330fde66e8d454

SHA512
4204151ff2bf04e7186ea1fd3224543049132984d73217f857e01ffb025bcd2e50a85b872d5ec58f3ce5529d0e8ccfdad79d6f0843569f22ffdc3d2863f4b125

Download Submit
/data/data/X.God.X/files/PersistedInstallation7427402760250427002tmp

Filesize
569B

MD5
3d0125318efb79032a922f4fa377912f

SHA1
974349da3e35d499a6909af1f99ad260ba786816

SHA256
d80f323f53d4da8b6b5f6ecbae908b12085a85ed2849656ff9ebb0faf0ca93df

SHA512
6f5c926beaa0d8851df959013562712c444f8f81a7c25feb53aac3a0291fd6c9271abbab60c593bb16a51d6a4cee6898a93bc90c44bfc1904b039a65b3cc4104

Download Submit