b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd

Analysis

max time kernel
134s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-07-2024 00:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

ff04ad3b47d9b71753545bc02dc8c33e
SHA1

184b7979dc29ce42fcbbb033671fb928e695331d
SHA256

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd
SHA512

6937975030162551b38e8d91a35b175009be470d66eb30992a460c3c9275f16e8d58295a7a20cc5e544cfb3455ea247d3c22dc6212d791de06c4ea6758dd9d6f
SSDEEP

49152:mPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbUxpP:mqe9b2rX+QFMIIkh9tSABAngW6qP

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4506

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ac13b943e00f07fd0344446f889eae65

SHA1
ab8917b073036c73736e4b755d1be4d0dc4fc964

SHA256
59f5e887d2dd513214ba68ae89ebb5f538d40fd16ba9ac26fcc53a3afb5e1686

SHA512
fe868fcb80a18ded461fcf5977dd40f05e8565f0aeab302bd7379b4c71dbb0a84600e3fa40d5fea2951acae68956f8ec4e68f49ce59901cf3550cbc8d65cd2f5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a72cd1a1ffba708d652969da44518e8e

SHA1
5443cfdca9d2ff5004e795369f4a22a0175f599d

SHA256
c7831eb16f9e920432d1cabab04e34ab3f4a74be0bda2cbd51a1f55307161438

SHA512
07d3e05024c220e7354d0b5b678e71066f0916eecc11a5f3361af5eea165d07ef48cb01ec4435e7798d4e0e4b23fe49ed9a64a9deaf50149c51ed57bcff084ce

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
406d7cd80cbf19bb491a5de84cb02ac6

SHA1
8bf6f08cc591bd85d38f91ad7df1dde765ba38bc

SHA256
4a1099cb7228e20465bf7d9cf6e1bf51ff6c27204b443844e916a5036c0ddab7

SHA512
0f519193cd577ce7e664a985c817e6dcf04d9fc01075f71670890bbd20a72b16ef9d50ae06d0c43e99506b23f325c00152e0f8c3293c5546ce520ee031835e77

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b0fe11fd70608ac8e1dc09ec60bb246

SHA1
c09931adf5183af144ebd7b031a620cf2c66dfd9

SHA256
1b834813c5bbdf9a955df521b5609a93158227fdb14f0f6e95d3964af2ebffb5

SHA512
6a5f1ef493a3f7a49a24083b7147b95850d85dca4c8ad88187a2732d17cb3315963b73ffb2a46a1238b829f747cda22e3773e030f04130ff56d2787bf6368ecf

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6dd983d99b9ca629ed2994ce5c103c7a

SHA1
dc70ae8ca78f8ec701d82640cf60e07fa6cfef33

SHA256
d0da5ffdc45f140b394411fc61a0afe386d71b61e0dcc84a5b014dadfefab8b6

SHA512
e618c2cf343b0497249859e1acf8b1f138dd5b449ca7da0a13ac9fedb8b06e8f75da36981a28f9d8ddf09507645dc6339de143900406f9bd117c6d2178478940

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9de79b84c66d104d4933f32b6ffb98ed

SHA1
0c5c53c3fb3aba021f71a24905bed29b8e09fdfe

SHA256
ca2b8a2c26d8d6b73ece8505fbafdc927942f608c2cf9b0f26602f45243dfbff

SHA512
14fd2d95aec4614f0feb2755229c80203d8abe1593ea59cdde8adf826632e8d39da9800f89fdde37873a0ceb1f4a065ba897fc71630cc27822e577bdef2af764

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e49d644c530a1079e4933e61496b0c99

SHA1
1433b8dbcb91540ea3daef2fd341cc1937673654

SHA256
98068c0d8cc7f54dfc0107d0d635ac69edfb950e6a9b53447c889c135c9d0a86

SHA512
5d9ddf42aac99f4ce34e94ceabc758cd79553c62b17b6e785a501953f5b678e0297b8b076eff03493563e35377eaf8ed687de334fa3f9ec80d516b5d43ea9dc1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
94021849d16bf9214d4d706aa6a47419

SHA1
d4c538123a963ebe7fbd42ffd270a3e8417671ca

SHA256
25d0a151a514c71b3e69b629224e35cf4f0998ad1677aae722ed08b58827f027

SHA512
795c3d36dbe5bb85f507590ec7d1d68e4f41be9754739f16bb33b8a2ce412743b33a2f0355526e4ea4a050fab20d076bd47a4d51bf755f9656fe6557b933be8b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
255ddc9405e802552f48924de9857519

SHA1
b7ccbf83868dae14183e9fd58a7d943b3ddf480e

SHA256
fd5b7e906a86fe88276f368483fe90e74f5523fa93081249580551a17fc0cf4c

SHA512
0dc7ee1033a222d468031bf8b25fc744f305b09743f16ccaea9a9648bc4303208fad0c4abf224549384ddebb79b2d5ce08d2e1e9fdf31ed5cf16d32dd2c2f6ad

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b80f3d885b9f74b190671660022195f8

SHA1
79ade8a41c836bcd2ed6caef6600c7fff7e4912a

SHA256
005dc988384a088ef29cbcb5c6547cb820d2684f04a867b6cb30ec8b533c76e2

SHA512
21e70d7056daa8739dfede2d242115113383e7d11d42235c6ebaf464cafb69cdf33a8481c7d0439a15adb93325d7def825933b5e82b0bbfde5b1ea7e7ca39f8a

Download Submit
/data/data/X.God.X/files/PersistedInstallation6178452778439230044tmp

Filesize
90B

MD5
b835fc2a4ae513e2fdf7811171a356ab

SHA1
a87ae77d4c9dea869699d533b8bd8fd2608f5884

SHA256
dd14b5378b2099c37a63b09bc1ec4d915c287b8f23eb0b6d29c9a85fe314b036

SHA512
26ae5162969aaba5efe913d1664d21b8af463e1e2086c7b5bd7efa7c4ac270524af02c7f5befa74a48c9a78b5e60c13fb7ee4065dbedab707e990cab4c1b4f6b

Download Submit
/data/data/X.God.X/files/PersistedInstallation6855894786756254205tmp

Filesize
569B

MD5
2098d791280fe9377889fddc6b9e73ce

SHA1
b06ac4f33907de3745385e213dec963bbe5612ca

SHA256
6e545dcb913ee619337d457d6adb1bed77e92792ee8a3c9cd7d6b3b37cd7b3f1

SHA512
1b6518da69762a124560f57e02736481033adcb52835afa6c0ed3d1fe296799466be2fd10fbc3a5ed36470c2477f2c4071f56225358c987af033dee427c519a5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads