b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
08-07-2024 00:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

ff04ad3b47d9b71753545bc02dc8c33e
SHA1

184b7979dc29ce42fcbbb033671fb928e695331d
SHA256

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd
SHA512

6937975030162551b38e8d91a35b175009be470d66eb30992a460c3c9275f16e8d58295a7a20cc5e544cfb3455ea247d3c22dc6212d791de06c4ea6758dd9d6f
SSDEEP

49152:mPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbUxpP:mqe9b2rX+QFMIIkh9tSABAngW6qP

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5a5c2eb676a2ca174db4fb3028285b71

SHA1
3f5e3886f3bc4a1cbaf1dbf62bcf2ac421a4a357

SHA256
f9a4de4ca0fafe1243abea3e7c3031a26c52f0c05797103e44cdb94e46521684

SHA512
01c8e97e5339f8dd8d6b9fe8c9698a48ac974e148bdac64da2c2e5485abf921630a5f5138fb67d02bf0dc94d978f4eb3a79d526a28913ecbac512bcedbc715c8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
db15998ac9023754dc447951b791f1c0

SHA1
dd768d724f92677712d3969a416c25aeb60bd256

SHA256
846f7c179baea839aa31257e212b5a2c5a5dec0582aa2a22ce732df18f9b2114

SHA512
9d6c23537d99a97ea9149d2ee52498dc090d25a13ca574d9f8adf126bd64fceda83c0d21e6f4c967ef793b7d3b4f08bd480f792a176f3af548676b8ac9f6c41d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
058ee7571a0a0bc900230aa502676e82

SHA1
12eb5914493bfdaf143c2c8375c92ebfcbceafc0

SHA256
f450b4b12b95e7d288dce19585ed75cce4d74056f6bc1528d2c5015c2bf196cd

SHA512
0119fcdd5de602270a65edc890b56512e9c82d7a794ca9d280d042ae94f7fa908d9f4cd075cb84e4aa93f70507c70ca989979953bef84dec800bc2bce1f2475f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4577411ec133f75f91f33af6ca368f9b

SHA1
2edc56c8d1d44d8da526a93691fce1db978d0efc

SHA256
45567c1df776cddf7dc6dc51cc20ae22aa0891d6b41a2ce1198c507fe64a4567

SHA512
10248ef93ab03f3ea5f4ce67bc71d3a8ccffc8d4c89af907f2f57231436cb98d74f6f8bd290dd40374c8f225dee269dd3637b2e9e3b1b8a167a59a5b40ca130a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c38a16118ace7476a4c389b66e248d3a

SHA1
9866be04231c2ef433c7efbdc501840e9067250d

SHA256
79fbc12c4e565d430ad6fce2c1235ee6f44d7e0e4374b012cb14959373a2024e

SHA512
0fdca415de97a981aec6a1e3535659c9864a911229ad4828ad5f142459b13bbb998d3d57d5e22b9a481ac95be88d70083418081cced5f15f21d26b6de214ecf5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f4db96d2992fcae1a006faed63287c87

SHA1
10519521dad99d6da5c9773c7835a94405b6db66

SHA256
b4a9aee72741aaeb87c4346b65fa416e75d1bf8cd93885fe2913c21e3a284c7a

SHA512
02ad876e4d954229ac27296ea4f7da61fe4f0ddec788a0b344b22c419a7fe609bcef670097511cb40b0597b192ff09a3c2e06b259af1c79002ff38298c2c8768

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ef416ed47822f70287d3f8bc2c00198d

SHA1
b3213bc1a0a47ff0f9fa305e5e8546fc501779af

SHA256
ba430f8453db385f3a99c7cd3bfc020006d22e819e04bfbfe744fb20b74a6919

SHA512
bcceacee35934e259640b054878800ba419589502f82e6396d65e26668c9075c318ce1964fbf088854b4d49e3723e86873a3a4b259a7d6e2d4c0ab51be0deb78

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e1274b9de1ef2a16f5d5a1c69ad9ef52

SHA1
ee5d745f1cd91ef9d5cea9cd89b10ec06ea4ab43

SHA256
86e9b98c02ddfebd3420b6ab49233ee6375441e721d40f554124e6b8014b636f

SHA512
34b35326815704bbbb04706a45cda11f7cd976a90af3187e61a6eec6e5e17a133c7ffff61f5ea08bc9f20bcf9e85051e70688260f9fd329b528f7f5595899550

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1dd3de56131ed1808c2045c261d35601

SHA1
184af79e3cb8bc22f7d1744469eb31b45cefc6a2

SHA256
7cd59a9055a009ba1e96aefcf8036a83f5e3ed58c2a6158880de831ed7a46467

SHA512
4c389199439c3227869d68ed0f2dce05ecc5810c77670321c896595898628154bb4fb39aed3c356d87aa6b6a843a1fa86d066ffe813d3c2b29181f3e2ae02908

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e43f942439b4845a990c1d756ea42c16

SHA1
b5dd73b5594e1792a20ce6e5cbafa6494bde2a9a

SHA256
fe1bd205f3091870c4817ef34c9392e561aecec6fba319f9e13528153005150d

SHA512
0649efb787b09b0cb1f0fd290107dfd8ee8a74e642cad66246ca915acc0b2420e5b0bc29fc6d91d8a6f1a3153bd2284455a963158b4ff324b8a6732e50e911c1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
4c98fe474306f5af88c13aa591d64f05

SHA1
83ca8323735a2604ff724c4eca106e31f742e00a

SHA256
90dfa34e528e2fc95f26252fe6afc44927378b55d4d41243e3e9f80d04129043

SHA512
3fd381342457fab0fbfdf8a1c7dc9333a8962985ed59934aa98ee519e1141f9a7f22cdbafc820a814fdda131e8603bb57083da3f43ad3f6034f977a2201adcb3

Download Submit
/data/data/X.God.X/files/PersistedInstallation2414160169941785562tmp

Filesize
90B

MD5
581ea04a3a05d6fa35b6c06f15e87583

SHA1
fe0b5639b668adba60e0bcd075ac02d58d5f9410

SHA256
e30b849e077b4b9ee1d9f5379d562b0eae8f56fdf7c478a52e8e0ca41b176ae3

SHA512
b5abc543938a9c2ff56f1bbce088df1038d94e38da53fc430aebaa94ab49fe4773a7c0064d5f509229627ba25bf877179965d99952f6777f2acbfac43ebc836e

Download Submit
/data/data/X.God.X/files/PersistedInstallation4019345683410782546tmp

Filesize
567B

MD5
e22e825311648a5b096fd2e94e6dea6b

SHA1
328e06749c0c8a50c1b306b6d1710b773688ac41

SHA256
14124d70655f7fbbd582253805376c375f4780d05dc1445cfd3cd8d6757cc7e3

SHA512
d37d34e54e98f54f40c70671474a9f2920460d4bb282b8f8fa3df48eb8b7cd8078c2d5a57c7662b33ab1116fc7a8ed170a8457a0183b2b79bdf42b1348ea9a96

Download Submit