052f031ce3e09e967c021213aa028585c5157c3724bf1ed36eed488b435585da

Analysis

max time kernel
104s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-07-2024 00:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

bc03807f90300ed384aa3fbe462b5819
SHA1

d7654d4cd34105c704288b378d3ad708f0a0872d
SHA256

052f031ce3e09e967c021213aa028585c5157c3724bf1ed36eed488b435585da
SHA512

6b7c5d1b3d6d134dd96bb59665abca96a65ad6a2edc0c301c574ec1cba1ebecf4602395a97c629655772f58ebe22bc7cf0266cf71738f6da6a4a8552097a4ad9
SSDEEP

49152:7PSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU25q:7qe9b2rX+QFMIIkh9tSABAngW6rq

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

X.God.X

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

X.God.X

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

X.God.X

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4475

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6bbcde013712f9382d242ddd30dc8b28

SHA1
f46428f42819a499ce877d649c7d1c8592e69e05

SHA256
5c0acc069d8fdba192eaa31016818c5dc3e07a157fd4d90b63aaca920811cd15

SHA512
8f3737f18e255689eb14a727ac445c3719b23414d9a9030b274641979a5f42e7a8dce965855d70d744278b0529d8743000b2452d9223ae7bf6c6961f6ebdea8e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7c8cc0697dd1856886be2dc31e932d07

SHA1
50432fc9f4ec0f87f63c2f38b9612f55fca8d111

SHA256
c3bcd61d422a5557bc87e0edd3963e1dc14b10050c38f8cced8adc6efa6b6d61

SHA512
c993c7a39208b38792ed03ca63b19493c33d3efd523cd6b4e44aedde222f72b8166d1a97965f2ab69767987ba6fd1b96393b761abeacc7150de70d2039c531c3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
238f277e6550e8f4397a39f7fcec7dec

SHA1
1ef38630d0a57728ed160b3a9aa962da0030f8fb

SHA256
6ca3a6377aa1a12c247022aaf525edd7a24562eaf9ca7f01a854b87fea0f560c

SHA512
2a33363660da298034e169642e141ad0c265ebd5008facf833b72547e540f2e31e7afaad9667f26aab91579513ce971407c008e2b82398a35778e44b5cbac2ba

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ff082d4203f49841a4a5edab100b92f

SHA1
732d3a429bdef1c213e9fda4c9830a4edf177037

SHA256
12e4a30d11bebe022caf7e49fc3a876a32c910bac8115b061e40f6bc25c5b0e7

SHA512
67b2402802150f2bdc07e0af1a5aecf8d15ca82f35c890384714636ea30ab3acedfa55d179ccb496cd982c366f928ecdf28782aed7cff9730dcf3722543ca7ce

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9684fba46945b287a1bc14f2272a3b51

SHA1
ae5d9632447cc0522f8051bea6362dc263b9e7d2

SHA256
10e4ac34e5744b36823b7a004977f65f14fdc7ebf1a24e2b5b4881b53813be5c

SHA512
161f787b73cb2183b2f742470f3c6fd543bb74406b71cfe327dd9ee0a1e994dcaba35226cbecb5fb84c0dcec9eb59d83430857e0b8bbe58c1542af7188543dc4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b8460bcb5a6825d17bbdf985541fa09d

SHA1
a28e49a75813c96ea3cd972c5f4832ccdec5b1ec

SHA256
0f78bbf96f4127061c7668026c1271fe306dcacefc4e2e64a2f9edb676815aa6

SHA512
2c271d85e271adddd9244e9e531476695fdeeafccb35fbec2075e04c88d7da56e49b1b455bcaf1a7fec0de1e7e2714ff6b6affaa369550c792b9c1595f49ceb2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6daf3896a7eadc736957101850a6820d

SHA1
22115455524e64d2d107f884d78cfaa226a143a1

SHA256
84b6d7a650767ef3e69df2d8d4b54e3808829f7846d9dc68f1939bd2295e6e0e

SHA512
08394791f6aeb9703eac99b684ef40753b14e5b6440d15787806bc95801232518894d3f43f2e84adb26b3ffb8b912957b255cd21799ea48a9be016fda2c6ae45

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
42dcbaec6ed5c50ebf2e76f020c76dba

SHA1
86a088ac1ca4d9fd009fdee2c24a161ed6e3d732

SHA256
895506b44449aefea647b74624ec5458255a4ee38c8c65b8213cae37d1317650

SHA512
47fa30d3b51ebf36e9ab28496d95dfedb8375858b9ae49c56e92bce4bf696b2058c2094f390c73cde7336d59dbb40eb30361617e7f3953e549483e4cb4202b2d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
081bab32312fd108ccc9308e37d86244

SHA1
4523d41480b67bf5ec6952528bd53cdb7e3f4ce0

SHA256
957b482adbee6746bcc6b1950fb1699d4c326920cc59787c2d1f3d2fecc89ffa

SHA512
267a2a508dd81be614336e2e177f9aa6bd281722d5f56159e0fc18241f70954b268b7810d80adc26b18b95cccf8cd94556f80dafa7bb4f72dfbe1f7b1fd99b6a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4415991be7de830444e4bb7621df6992

SHA1
daa438271ca0ad31ea8a5cd5dc3e31b330e5a6eb

SHA256
d386b6c8621301b8f83dada6ebaccf6838c01aa965762f5654e0d7843264cf57

SHA512
8deb3e22b171415a1301fa291f2a5aa11f38dda8b1f3bc7b49caf15f9c7f98594a6202ca301cd1ca831ff8401a7d626ff5a3b45f9f6c8c844cc1024a8cff1590

Download Submit
/data/data/X.God.X/files/PersistedInstallation2599050710792779474tmp

Filesize
90B

MD5
bd7017cab63f0681a126bcec30f63642

SHA1
2b4a153e15275b06c0a8c31654315d893a6bfe83

SHA256
bd09d4bc0f2e75402d13aa62c94f3bbf2eb6c9b60c45b9856a14547aeabe81fd

SHA512
f9494c42faf62f75c285dc201f18a29ad2ab7025bc763dbbd7df517613f8521f1601af0793ea96ec49c7480c3cee166a94ed414d7e1ac4b3331e43881ffd0a55

Download Submit
/data/data/X.God.X/files/PersistedInstallation2878898819912501365tmp

Filesize
569B

MD5
789b7f4de0b91cf2ff843e83982adac3

SHA1
ae07fdbb867f4bccdb78fe38190ff1a16f8d5345

SHA256
7f1000f7e655ac78409e9ec4187a376ba0c31a52147ea0310029b7b24d92d61e

SHA512
c71df52cd1ea5a9bef5c0eeb4b34e1eb2aefe05a7706a00fdd9dc10814e232a479e63de6ac5f6bd037211302544b64685f50bb85cabbe7aadf7b6bae532a0101

Download Submit