42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
20s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09/07/2024, 01:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a96051df0ea47db8da2258765a78d0fc

SHA1
4acc93ffdf58a16994eb1036428a186d6269eb9e

SHA256
17d2edc01a2343d7f302221281dd244af09b3ff5d28a681dde1126bba3dcbfbf

SHA512
e80d592fab3a265c46820d732a3022b7dcb0f0add6ed299091d58be289997bb8bb8ef186571432397dcc2789820282963ac44b20627cb11cfbb81457f6ed6d75

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f307b1a2ec6d25d352a8d8767ee01b44

SHA1
19d64fa0767f2c6c3a25f01fd27f632fbd4370cd

SHA256
28bd70d2e2a164aeee8c723d0d5a21e66a67cbe35de5892782aa1aa20a41b4e6

SHA512
88bce8728fa34c2c73ca14b34a3e282127eff586842f0b4a5d588d6c81ec2a787e2db86ece3aa5dc8076625ff8cd37182ff2ce20449ddff75bd96e4cd7dab76c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3a2223cb7933fd9deea92378b27bd437

SHA1
ec909ecf2391333b439a21f184bdfff60a534e8d

SHA256
966d91739945e3a3991b640eebb5564968a3a24fd5ee9612c5b2efde50fb1fba

SHA512
37a68d3a00396541a1b220e198c1073c992724e7fda1940aa57969dfd69b61b762d611bcbcbdc15b2dc130176fd375113f993a2265dd24c7669c824ae2fd2659

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0598bbc87442454707daa5120ff7e82b

SHA1
0301bf0810c2c28f412e866b31501e151167037e

SHA256
e16153d290e5806bbf8d42d377a81cbd8636ebf63e0e3d4057f26a4d361ff2b5

SHA512
b9a9574821757636642fc219dbaf160455d00c4c599b2478912336fb38beda1459537b9c1de92e374e9b94a535fd25c5d60deb2905f97b7e4a53c3e9c877c6f8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
a5e9bc8f5f10ec7e9685efad22e0bc33

SHA1
cf0fe22a93bdd0ddfe638c3e45fbc121decd1c4b

SHA256
0d99defd3ab5464dd05c5ae0d494a7c1583c91474b8d4ddc5e8649e0dbd960a3

SHA512
b84eedd15b49ef0978b85f06e4810c887c56b6f7b1d6fe63e28883bd36bc511864978407be6a1bf99cec178eb5243072c5fa3d212407e1e0deecf9d1b52ff810

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ada20fa8e55e0eba267985cd5bd5f443

SHA1
6a97e1aac17f2588a9cd037c2f8dc80297cb73de

SHA256
d2049e82a9d4f5c765eb73db0c6a5fdc1452f5a14e521599a472ddba54f178c1

SHA512
71afd9d85a4e5b2cfe22c79e3dcaa3d9bb6b481023b46bab71e981a00653f11f249e365186367ec685fb1c148067effcab43f866293c1e03aab9b747a74401a4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c2b218b2eb4b75dbc416e05b7b7b7b1d

SHA1
af7200faecc902c6464d05019127db24c0d92b66

SHA256
44d5b848471e7c870e155545e033ec8c6d0bdf309b1a30b0935b32f83a68b0d8

SHA512
db2a45bff5f1ef95636faf60f2fa24559b0d094969d391e0ec7d22b0aaa705cdcc1ffd266852dffc7f0cdf83ea2c8bf0f36994639fa87331245cf2a234fc22fd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
20baafc4d8bd444c930729a71bf217fb

SHA1
643f4978f7e5d117c2bc2ffd7ab31aa9720e5343

SHA256
0143dc32481fa23827426e22d9e9410f52023016c550aaaddd7d6a946cab8ef5

SHA512
8f6d727be25ac143e422262b1ce8b706db7dfcf3ec7f9169f28c8763af156271f347c3e873e7febb536b7a5de725291e39fabf11380e190e4ce50ffbb8284f44

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
378859d4be19c28210376b02b67ff58f

SHA1
9fca673783dec511a677748ea86c6578dd0f7a63

SHA256
276557647b3a0158a54e63bb6c5b6b355eeb39a363bd0929ad9afc5abce4cc6d

SHA512
89554131ca948986a2acd14c2363f47395b35b26a80f0a92fd03afbedb0764ab2b6dad023815a695aab6db802e88fb81704681e6c0036be54d0b38d8d6fd79d9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c04edca32466ddc0c477b55dbd1856a9

SHA1
8757c7add144f8a6beccaebf932483b2637249ed

SHA256
d3179a1f6b435020f10596fc36e6351fb3f8601ff1274a2699576157ab40b0eb

SHA512
04ba31a75760c8e1c64dce7ac2409e39228f4ea9ee5612391482be825d14335d6936beb80b7b4bf11c2f9ea2e9c464ebce817f9680ead86cd468fb49abcec61b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
26412f1a9e5ff4827895f8d3f3dfbb90

SHA1
a0321d5a63e08bc7baaf5c735b37bd86e45b6eda

SHA256
6cd46b657867ba7d7ad18eb06b2ab7392536a5ff76e19f71e222d89089f48273

SHA512
a92d77cdbf4edb71080f5b36ce641770295c3a950ed78015d93eff71102d9b8d75f84bc9ae61d16c5f3596e48ad70a5611f6f43256f31072589b7e0dd026f58a

Download Submit
/data/data/X.God.X/files/PersistedInstallation5895141404225536036tmp

Filesize
90B

MD5
c457c0921103bd3fa3257b345e51e124

SHA1
53cff0b9371b3a44929c96c881d7c3e629f33c9f

SHA256
202133f752d46cfefd8010102c8746d28f43104b0c4d427981f6473493df7436

SHA512
cac5bf1d6733cd00d1ec9c95e7aaf6591eb09e978adf2c5bb54d62c46e221db7c19fe22aedab6aa09c9fbda7f79653708f8c5d1e8806ed9e5920a96a69271331

Download Submit
/data/data/X.God.X/files/PersistedInstallation8545415124046855498tmp

Filesize
569B

MD5
c54a1b4dad4d8fe780d0081c3de5ad9d

SHA1
831bf1473f366721ec98db1b35b9583ea57440a5

SHA256
0559a69b5ec9b368ff810f5bc27653a606547ab85b6e74420a7725aa4682dc8e

SHA512
112ec72acd5cb901e9e66298537d350ab628704d7c3231be6c71beb80d6388f88cafa46aede45363f67132effea36a46b97c5d962e84b1f3f440e42f0f881ca2

Download Submit