42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08/07/2024, 00:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4623

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6d68b465e2b30eddabd96850c06cb99e

SHA1
042b49a250599bcb7a748a2332cebd4099cd5f96

SHA256
61a2ba4d15f30355ed1d9531a772ae2b8f1042a52e1ef6d3f117061fcb96157b

SHA512
e4f7f144cf2f7f4e31dd07eaf242954654b01d0c4b59fcf0801017c7664349c46939fddd77923662673ed6e66af25316343bc0fcdf2503af63557ca7cd46adbb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1f32ec80d65a6d6fefa3e6c8800540ba

SHA1
b89017bd62c1afadfc2283f54931697266b68f01

SHA256
88f4130915f3a1c871a5464e508941d85b9a639d4cd811277738acee5c7d6b9a

SHA512
2a29a5f4efd8aab0fb5da128ba6a03ee174f1b51984089d6c9c94491300936df19b18b325bdd0bf2f38eb889848b87ab3fadb64e1afe7df3e52e9790f5cff710

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
825537eb90d8cfad9d248c689f729d3d

SHA1
63404b516d251e38082b1057dcfafd122ed04830

SHA256
346a74a9aadddc72ed48b76ff8f8c0dee35934c0ac2f610ca5d9c69db13f643c

SHA512
6aa96b3adb63dd8de73cf5c55f639f687fe6e8fa5770a6cc5a4c2907b38d4a1a60ad3f0a4617066c1b6df0eeb1d7b7103f969aa3ca0baf370f7f9907b0fac3f8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b8ac3db287f0c770566ce507dea82c63

SHA1
043a541efea7aa34fcf27fcf04e1e055c918f90f

SHA256
aa6810ca2254483a54750014a907fe62ee5864ff143bd550233f368f5fd0bc30

SHA512
53fcc4b31b7626becb3162f745dcf4308770c260dde898b3d1cb41592549cbaabb094d422074ee75990447ab47dc65a24852772f97ce9162ba639c838d38f1bd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
eb256e14c2b6500eb1235cec9fdbe7bb

SHA1
a14e3f1d8c210850e7ad4b387c63cb18cc0cf586

SHA256
b379eb4e314e4e157d9584d8854b9e4ed8a831e2b0ab001c79b9b4020cf2c936

SHA512
8e7bd76d0c63b9fb016d7f5d8ee1734002b06bfe3f6bf5a2b116a5ae1a030e8996e913fe50d0612c20b26b55933d883009e1dcb033e1d753db1626aa84932087

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a458a960a6ab14f15bef18b819f4fc89

SHA1
c3cc7942ad7c36822623c6cd9c97205996506f9d

SHA256
558c0e4efef41588f2a1aa30154da92ab943648289716de25de5bcaf3597a049

SHA512
f45a660a2c7cb228681ebeb5260dd85675184d02919a78c5fa0e9f0a78089fcaffe9f95bf32aa39df3f454d883145f79fece0af633ebbca4c4c53049844cc2dc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4d46f3d379e56500759755bd7aaf70a5

SHA1
fa6dfc795f2513b84cd36645bd2f2665577dda10

SHA256
f52aa16309ca69c002eebc86c6713f873ae64599ace2a033e5b1da287f1d91e4

SHA512
eecfc79ded6700f742d4b4de032764ca74bec9d042b6d596ed147dd434f1833a6d19cda87076bb863c60325a05d1d72d3ce6bb2fc37515957b29d1a3d283fdc0

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
72a4c9c68eed91d75daea68058ef0a11

SHA1
b91e7d4a94fc4ecc1838e328c91b5e82352139a0

SHA256
51489c6bb690ed349db647534755680b2ed20d5e3d7f0fdbc42b16e96c9d9295

SHA512
1a3802f3629ac2abe1db76f0e06225de13bcaa84fed140ea2c04274f1638f1b999c9df56de113c340eb4da6b56d326c7686742b22fd594465c92645360ca4e47

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
81b0a7a18386a1d3023fab4390686456

SHA1
84aa0e98c179a0599bf1f5883094189f4db7e5a6

SHA256
f92132ad932f26ca7b2a4a5569aa985bc640d9c84ab7213c4c4af1ec9610a026

SHA512
c75b2746da0b29ccac6b66706411e30b4c9e034ba8a30ea4449964dbcad4ccb3ae312846f7d344d6a786a08123bf3f2151bf777578f26da33cc0f114ce41a037

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
00e604e58f1e2a39f487dc3cfccb5508

SHA1
60017356841992fa298196e3f3d6ec271e9fa21b

SHA256
9fe2664fd8bf6c2751d564e7e11aeb4686a04c5ba22af8f2977ce5b971be43a0

SHA512
0994542fcf50c59e933a9900a261949db5616876f74c74cdd751a520f0561fda333c37a05d1f03cb3a00ba01eece0e576cae62cf0810c2e1a550ec100c012f84

Download Submit
/data/data/X.God.X/files/PersistedInstallation3092712713336222063tmp

Filesize
90B

MD5
50ec48a1bfa6cbcc425d6f8ae3a129dc

SHA1
fcb76b084ac1dbad66de18b51e417802797c0000

SHA256
73580eef62928c39e63107328b65b316d5c553ca5a0623d00eb4aa6a8eb51287

SHA512
407108c08e73559aada313d3cb64240ea4c0c8174f75bdcc31ef5a0223f74f73357b18362b186eb4fb2c5f35492142a5e72ad2e805cb647db05b190b0b60e599

Download Submit
/data/data/X.God.X/files/PersistedInstallation7793032041066112759tmp

Filesize
566B

MD5
04ac296c19c1a635e34c7adf7e99fff3

SHA1
d94754a037c82a625217e0ebc972ca62960404e8

SHA256
f35eb0e421241b7196aa1f817573133e99e2e77a0de197b91df52c98d03b94e7

SHA512
f3973ed9b2ca121c5ea36c9a9986571eda7a85b9fa8e0994b1c41dad8a0265dbc4a74fd548cc0e5ff2812f140a74c09232214b512eb39f8e9e410baccb8e1b7d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads