b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd

Analysis

max time kernel
19s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd.apk
Size

2.8MB
MD5

ff04ad3b47d9b71753545bc02dc8c33e
SHA1

184b7979dc29ce42fcbbb033671fb928e695331d
SHA256

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd
SHA512

6937975030162551b38e8d91a35b175009be470d66eb30992a460c3c9275f16e8d58295a7a20cc5e544cfb3455ea247d3c22dc6212d791de06c4ea6758dd9d6f
SSDEEP

49152:mPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbUxpP:mqe9b2rX+QFMIIkh9tSABAngW6qP

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4252

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9b819ce9d3c5153f2e961edd0a656615

SHA1
7f25a5f6037c8dc7a04600e559c976ba31289662

SHA256
5429578a9d1d8e12ea8f6d2dd510104eadbc1a4ef034f9b299d02e75da1ce796

SHA512
01dd9f5d3e471cc3ad24dc4cb33ffe5fdd364bf5b43c86906071005bafc0ed7058008da58c1d7b75145fbc95b9916cfa18ed50c1c5d18aa8a6b199f54beddab9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
92dc0dc1c59ad0b0addb11783a001727

SHA1
0e65499ea9b45110b254b0cb29e5ec8d6a32f29b

SHA256
84facc37740358da8eeaeb2db5ac356dd361cd1ed754023b19cbbc6f6b582458

SHA512
63c12b1091484ba541b7c03c84063bc4b6b99b6a4cdb36d3dd478263e12b31a9e0cb4155830a5926bd5f1fff5a82aea7f2430577de8dd3df2c6c732754484984

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
97d0e802bd3e7d8965e9a7743599766b

SHA1
69c54a55f3dbfe7ecd513b4302b0b60d20774a73

SHA256
bcb7b7d1b15a2763b9d380241ec14997c4d0f182da9788e9b402dfff91f7570d

SHA512
46bdd4cc4cfe8b5b480b0a78b34a06e80981bf81c56ddf6d077803e27c057ab6d283d8b3713963275115bb40d220f2d2725d80262612b88b4d82a834104f25f7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e5a7c73124f8ae1f8e8fc0a81154752c

SHA1
ba9b6541af512591562c33914236a49fde2618da

SHA256
92af9241fa6db5f077e1b393571b6b8c34277389d5d7aadbd5ae6bd8e588495a

SHA512
bb9429aaee25705e6360582534e869172b92c2c8f64419051ea5de1b1042cfac4bd11fe1e313592457038fe7ad9bfa8c37c2135abbc9803ab876a5b5e34c67a6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
45b2813c0d699ad23f812e320195cf49

SHA1
4ee18d909029cc8a5d0a9c11960cd93b95be2e1f

SHA256
7b24abce7d82bef7a8f51a09f4f428d5ccfd9bd2c3a421f8fe50f76079e63036

SHA512
b66d839f2d146df74cc6fc616b59302631a4c108d4682c6676423da555f708371e7dcbc2df8af9a6248c2baa957f0acd60380b8a35dda4a918470ce7ba191dd4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
13f6eba75025ed3ca4e1ceedffb4cdd6

SHA1
f91f7fc2bd283a09ed7362a266398894c4854ef6

SHA256
2d462109c644ebe18f0b354291dee5d2e184d21b42816952d29db4de5b84d8e4

SHA512
4bc5423972093f774f92a49b103b63480a56c2ce119b739f7cfcec931f151e56f632b8963180e86cc22dbdad8b1693cbbafe5146914c1784a029f371b311c25d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a5871e77f9092b86edf848626621097d

SHA1
e215cfa6a46c67bf4f9d89698295268ec5ab7494

SHA256
5acecacb8da679d3e741508a6a81d9f3ba16c52051bb69071ddb230fbffa0637

SHA512
4bcbb7d947bfe22987cc5b25b60dcc5138d817a0439125e65cb9fa631a9e830acc9c51883eddc8b6a818f9bf2536721119eff1e2c36a2812ba6db242604bf14d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8d3e64dff954d5ed542434ffce1b4c79

SHA1
d2fcdb50dd5d688ada174a54429bdf8cc2d5ec71

SHA256
76f3b95c5c75c831790a486841bcf2a567c7b0dada1b056badd6b552f364a8bf

SHA512
7acd370ffec6a2e17ecc3dfe87d48b30359002c49911f110b1834a45933704b1a2ebd26817cd27c9a5f3d4e5c919781e53ed38909e86b95a11ed9fb0c91417eb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
34b701b767cf7548b485eb05eff5b7cb

SHA1
6f7344103db5a45b6c22823a94f4307313839115

SHA256
cf1c0fcc82c94692cd8c10ba07a7d89c9ca13a5e83875fc7288fc1874e92e01f

SHA512
f626b66d8e3611973a6ad9dfdfc5a7bb97ffa7fa42699be9bc0d3bef7d74d0ffaa7b24cfffb28513937186757320e538094eaba0c4b614e42a4d56b4441f8478

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
21192f9d929f36ff6355a0e06953203c

SHA1
84bdab5b105c03d01d4d7da44e6babe6209d3b72

SHA256
31fdf2c8119af247573798a0373b52226cd6d96b5b510548cdab5f817ea35ad8

SHA512
844656d01bc6003fda03038c6d081a8fd7a84b5c0e8773fa03acb758eb76f4bf24bded29d7f8aac8f111c58b42d15065c988702127bfdc37a74643f1acf16f9f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
cd546f5cc97f2587dd417705f04bb9c4

SHA1
47539674f717d62d572ae8f9d5e64dd4041b6c30

SHA256
c3146c6c1d002ee959c6c2e902448cc9e63681e01200c13a367a0414ae80f7f9

SHA512
173cf5252dbf2957bb3a269b1938927009fa53caceeeaedbed5bdf6f32d4d5707ab5546fc9b41e3f45f4705c91f6bcaa451a598317aa1371f6a59d95cf140612

Download Submit
/data/data/X.God.X/files/PersistedInstallation4163878625845804404tmp

Filesize
90B

MD5
54dfec657633ad448e4adea400ee3d87

SHA1
9c452e1277f8af8a3bf514ea8cc3c6c7f0d1bd13

SHA256
d1be8ee27f4f8571d6b5e129a334181aa3fbbb8b5711c310120dd7ad3f805438

SHA512
93bd16d5a6d2c55587394e98ac7c56938a52f1cec0e9fd19f5c373369dfa117ef70c7cd08ba7315e805c1b4e8874a636ecad1d5ee80727e1aceeeaa927ebe888

Download Submit
/data/data/X.God.X/files/PersistedInstallation4633442263907295026tmp

Filesize
570B

MD5
42dc330fc606efb37eee6b58ccaa50ac

SHA1
170ea91807452374fad53f4c2e7253675f94801b

SHA256
9e41829d3bd8fa599c9c18f48ded5f05bab30f9a5ca556666bc9d4b690cbe48d

SHA512
fae54cf8c061034cd074ef818683a6bb8b44c29670a08a6663ca338f5390a1ad9b9dbcd4ada7b9565b27c69a72ce7ed82f55204c4f1c92cccf0bebbc3e311490

Download Submit