b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
09/07/2024, 02:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd.apk
Size

2.8MB
MD5

ff04ad3b47d9b71753545bc02dc8c33e
SHA1

184b7979dc29ce42fcbbb033671fb928e695331d
SHA256

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd
SHA512

6937975030162551b38e8d91a35b175009be470d66eb30992a460c3c9275f16e8d58295a7a20cc5e544cfb3455ea247d3c22dc6212d791de06c4ea6758dd9d6f
SSDEEP

49152:mPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbUxpP:mqe9b2rX+QFMIIkh9tSABAngW6qP

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4606

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e41223b96a2bab158196e57d108a1fe2

SHA1
2cbb7c46d4ec950ca1545466cc0e8ee38486ca3e

SHA256
9670ae1cf40fe224e111dc58b22e09011e6bbe45cafe5ab5b3874768178391bb

SHA512
c670db1e0cbd1eb4f25e574d2a473f76563283637ed6935eaae10a70be731f04ea1732c7035aed00dc1e6a857b1c74d9783ed77b5e5b5e797bda2d5090209713

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
57b9ae057c4401f808900b3d39a6a84f

SHA1
b111239eb3003b7ed0e0a6201d9a5c40ad9f0110

SHA256
cee11fdbf996007d65b6f70c4809ebc1fcb895ba0d63a8fd2761b13e48329085

SHA512
e31b2affd1cd00c3052260d311d517917f2bc360c3d177d4828c1d37570166e122d58295cd3a00991c2201bd10ce2e937f9561bdda75d940f6b5c3e1a30efabf

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
db47b28c06f731bd9099b632d0a269ac

SHA1
17294541c6f97e96b4a9365ec99c7ab79888f4cc

SHA256
5444259e6284cceab7474c1c8eef3e992248f4b88b2b062e40ab65ae889edede

SHA512
d5a655c0ea3ed12014d896d01347337f228493910599ea1455854b7d2246e82f97994f54732815476b75d63871b41a8b45419ddc30a5ae0f809c7f6c9c67845b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
72ee31a937ce8e57054d594cbb677466

SHA1
61ac62bc19a1c0593f67cedc04acadb31bb53261

SHA256
80caa9ff10621fda228aa98a2465920dd05115af4d839e83c61e7188ba93a353

SHA512
986da9f63ab781133215306c69fdfadfb230069b7fd1f62f1a7497b9bea6e4a9a9ee2aca6c5467effe1159c7bcb864bbfd7149c23ac0ffc450038aaa125999c8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
50a257a8327102defd98626cb53fc10a

SHA1
4c36bc5363ee91c87e6e6090e5ad758684014f3d

SHA256
bedab30abcaaf05c455bc2bd361c17cdcb8b712274ac4ecf925992732e8f6c65

SHA512
7957de104e70ae6f558c4c92dbe8b8126fa6d782c14da3705f80e24ee658927ebf0397936eecadae3057f519419a3b3f90300c461751271877be0e2c38fa650f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2d30a5b5f27b76adb376970beb2deef6

SHA1
431382bfcb70e6f468d18f6ab3cd010c962b9c15

SHA256
4232254b3c460b1d38605352c4a9e77012944c9c7a9d1775ff44e56c3c064d8f

SHA512
b665aa805d143d651268142ac6733476e711b42d8931b20a8bf6c5a0ebcb8600cd33569f1f01c6bca8c410a0e94609e59a8156365800cafcab3d9aacaabafec4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e4989c3cbaa995f01fbc986b9c2a9639

SHA1
7ea30f6f5a792be844d7a4f8301cb82c263a2b77

SHA256
725a0dc1db8d5d2b94fc03b8dc9ff447dd2930f197ae91daa64b62af8cd5305c

SHA512
e7f8f8775b32a1cad003892cf7c7fa1090888c253077d969b38fedc9751bb66089de3adc35ce79449821d09fcf4c0f029e65eff856a6336ec340b5234d4c9b12

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
442e84319d9513874275dca9698c49bb

SHA1
b9a627aae6455c5d1831181b90f47519b8707ee6

SHA256
f56bbe5f6c39ef0a8e88e2db6def0f233759d0e5e3cca9f8b79f1760b7a68fa9

SHA512
aa8eb4b231d0db0543264b671a82c1f7cb15a48410f4ea3343c307307366d62a42cd2befc682df7df7ddc510ab765d0b79761b5550af98c921e306910b40419d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
5989b7d5dfd06cb8a9c20ced940f1ebd

SHA1
541a7b87c479de64f596b674b3193ef807c610ec

SHA256
eb97df1fbd22952aa38f6d3686b943b3468fcb9f2970a12303937cb71fd7abef

SHA512
40f2284d7e762b60064cfe65f54fb5d602ea7a1782f87386db1ae3c2b42f310b1c66e27fc3a8385a0829ee3f285d3b48301caab3d53b9b8a6cddfd1b3b6e946c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7c5a7a49696a6539e28122c20ab86da6

SHA1
2502749a2d9536d1a5469a1232d37857cd369c52

SHA256
d89dcf4e97f80be6a007fcb2e2eeea783e618f298c6363a5570ad62657feffb7

SHA512
db0a7c0d976aee5e6730236b5d5f9b8fc032fea9fc6864b0872052b2ecf10efe699f3ea1a5c56136147037e4241f53ca7a5431df6d82eb3d4625609823182324

Download Submit
/data/data/X.God.X/files/PersistedInstallation362274888926913052tmp

Filesize
90B

MD5
1f541afe1e9cf6d45203dcc21aca9f64

SHA1
8b764d3be5ada850ce3819d47c03d0a8d9421b8e

SHA256
1ae3e877bdaca0c7889fc2db84733da15f85dc02ebd9e183a83a018cbbfe3d2d

SHA512
8c10be1ef6b8cacdb3cee0ffff95892d018231c57af2675e524821d46066bd52f72493b309b08dc70e85a8f2650179ac7d0c94649ec85683a0f11bb0e4ecd911

Download Submit
/data/data/X.God.X/files/PersistedInstallation6764775003177234571tmp

Filesize
568B

MD5
2863d074a87226b8e6cd534a4b97a9f8

SHA1
b79b400afbbe427289bc15a858a43dc2104dc6f8

SHA256
8cf4d6cccf0e709ac56b344d86b69ecbc01720ff34b8fa823ed8a1657d8f08c5

SHA512
113fe925d3b4a74c41604f3bd125af490b175cb000e4a73128c5802ba463444c0f29539a11591468ea1e59ecec183c7a9259a6333ea575cbeb703f6330b336b9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads