b0b006464c4eb6ecc09ebbcea91f56822f97bab9d8e4341d362ed94257c76aa2

Analysis

max time kernel
30s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-07-2024 00:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Edalathamrah.apk
Size

3.6MB
MD5

137051f21856123cb25530994883e1cc
SHA1

024bdee3a7bec368a8a460ac09e07e361776451a
SHA256

b0b006464c4eb6ecc09ebbcea91f56822f97bab9d8e4341d362ed94257c76aa2
SHA512

4579cbe55dad6ad44a14b166124fd047aca37aed136258dfe5d976a27e955239568c3091f502fa4d7b11b3136a99e453b99508385812c373f6a74cdc6e2b8c0b
SSDEEP

98304:OAyaNOBvwbNZapFvjvyjJUy1lDB3uQ5ZWqyOSvNb:8aNOFwbupFbvyjJlfeQHWqy3b

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4515

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f5101f42b688f0c0df46e8fb84da437d

SHA1
5d69e34a06495ddf01fb6adb0a6d12cba568c62d

SHA256
c3f77e63d49ffd76b4eefd74786edd7f5a61226f5ebfcd6a8b5e9acfe9fbcc4d

SHA512
723655bc6bbb0fbf8d5a6dafb3cd74816ebc4b0be47b92c93fc12c5569b12859734a37566a2f63307ca4f98d10f87039fd82f40f62e72473731b1a6e1739204f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a259c8009b6ff81334e94a14ccaa867d

SHA1
de3a4f49c7709d98c973fa4b2a580067be56b020

SHA256
c203cd809161fbc2b4465a992930854e482c1bc55ad83361ed3fea3d1efd5d28

SHA512
1c0d7b8c7e5c76cedd0a45999b57253d948e22bf51df91c8d6015b14c9f158f4d85cb9285145c9eddfbb4610cde9f05d5ea5a479fe317fc3eb526eb645ec3a08

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8214ae215c4cd5b433b741552ab85e62

SHA1
438fd3e7e9651d46c5760a324f439e0c896bb3fc

SHA256
49d93ef3f5eb9ea5017431a85304d9bb19d26cbe1d721ca1cf3a63e96aa74def

SHA512
accbd84f6f24671e620dafb8faca42dea119b47c19246febf5bbff9c7dc202ec34f4563a9fc703c1ff3187b8f40f624b786bfcd94b4aab4d0b9cba53264440a5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f76eb886cc0d90affe907692b921e178

SHA1
25bc673a53ae5a0f58e4575084f036b7cd3d87ea

SHA256
cc08651fc2698acf4d90f0104a51274754f0b5bfccf627164266a8aeef66ccce

SHA512
4ac588fa18ba2be1544013fd05c3a76ae8dbb8ac09f5cf280f1a07962e03a586c12913d75b4b64f3b6bcbba0a327be129434f3a8359a1bf5804b0f14187f1ce9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
53aadaea753d27329c1cc0a4053fd56a

SHA1
4635dc8aed77227c7f6b4bfd73ad7fd241bd4c4a

SHA256
c42ab50595a71e0babe96f2ad16663d42c580c4ed42cd9c5868734c31393fd96

SHA512
6a672652014bd7d7ba0dcb4226e9b0a786e2671bbc805c8185b472a44845c93a69428ea2e21ba08afc25eaf93ba5144ee4572c20b50117d56fbeab4fad48a2f5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7d459f011cfff0f598a3dc7d86d09ab3

SHA1
275e4d66c552e3a116ec1395814d98553c5ddb0d

SHA256
e10002a1774b390f7476920f813f1d1ba8c08f1ce4b789fd09c1b215cb3a3cc3

SHA512
0c8f8908c36572c2e5c9238fae8a0368ecd9e8f8c4ceee1b006206e14182a7373ec41271826b62a51d674a5f0c7f6cb13b88f777501ef87e6b2e1e1186d96f8b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2b8faa85da50aec429ed1ef1d72d93fa

SHA1
64c048776c1df078cd162a528da910689575ed70

SHA256
9683fd538f5f216dace0e91e8a3010b49f9f14d7ed4200fff5408b0fa091b823

SHA512
851ad77fbdb5599f4149c41089e210fa8f42d9ffdd98d25e05959b908642dc6e2ddd9d59d4c2e922ac16b69b42a7e3d65d38bf0772f181b25890f0f4890499e3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ef8d39916bb31780a4dee0855d0cbc26

SHA1
e998fb0d2ca0c745087230db8ab212cbae1d23f8

SHA256
b887e69a2a8a155e2db05ffdfae3c93b163a6bb5681112b43473da11aa3c135c

SHA512
1536c9c7239940b3339cc5460f5f305ab73bf43ed128c79c397c543e737de2daef5932a8f4a7597fad2841eaf4395ff41eda0713369ab3da9009bf30020afb90

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
5ef39c964b0645d6709f32163f8cfa37

SHA1
e713d4495817a786010abbef32ad03619884ef1c

SHA256
ced64aa85edf2d151222f366bb20201b071554f9e779a9142c187c58b6d791c6

SHA512
b604ca51da2562d6f7bd5abd6af30c680bb6ca628b0461715e92cacbec8fae4d5e99664dbc27e4b2f35b9e4162a9a9ce61bf1628f36fe88036de6a7c02952cbc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6b56263dd0e252bdbbf5025ad99ce72e

SHA1
7b2937a9a3192517b19ee6843bfb89c235a662c1

SHA256
5e5ac69e4d99225a03686ed569e403ca74512f75b77968bd23cfec5d174ab22a

SHA512
69a2ecc510f8a3cf3c493b4049bc582ae222b25a125152a55dac62210df2b60c072482fe99e22f464c6cf8884a1edba01009c2ffa5c98f9ee823982a6acc9185

Download Submit
/data/data/X.God.X/files/PersistedInstallation225743314769887378tmp

Filesize
569B

MD5
d646f5462b4e834783f89d9d35d94f10

SHA1
b9dc329c60bde60ba455449a3fd941bbfa3dc363

SHA256
9d5c82a64a3fe30f5d6b58ea9fefea17cb7cc138681efc90a0eb95992c08cd40

SHA512
dde877f15c28cdeb6e5ce05275f1516980fd6e006997746bfadc3d0e1344e186381de7d13be1f629e728ac861f4740bc6eae49fb93838237ece27b44cf5fe55f

Download Submit
/data/data/X.God.X/files/PersistedInstallation6792748833865075658tmp

Filesize
90B

MD5
efdcd82108fe510f8405b8ba9c587428

SHA1
523ca561ec26ad43ff1303a24722088afc937d0d

SHA256
c3f9ecac9fe2f2e392e85c235afe0da854b9ef712b2a853c63fc53f528950aeb

SHA512
7d3d24cb9bd5163d21632e68ae1a79469bad20155d772866c4c677844c325ad6ff30300beb6d5a2fbf1642b0d7018716eacd7fca7ffb770d8e5f0b1b46d5ee0e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads