8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 09:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4262

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5523a1f22ddbf3cc000c2074c6b1b466

SHA1
dbaccaf10195bd42209215b086a674525f776131

SHA256
6e99293757d07e76e038b9591eda0d4873bd6e79eebe41b05b2a081e9d16ddbe

SHA512
4bf866b87dce183d6bf643a5f234ecf89d6404837570ba00fa9e1a9e5f6c0b64b66b7f2830b7bb89dad972f63c205c753add56706c4625a751b207b1c3831e46

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
18377036003f95e39812796f64cc57ae

SHA1
12ab9eb06b01ddd66da55830ed2d1c91f2a0561b

SHA256
99658d19c1797672990ea63a3abe92c8ad2b672da2a7293c7a704a3b5046483d

SHA512
45040cc4274863810289d24e6c2fb0a925f7798dd219cc74aefca95181c80a2b0d6e4d714f4c37f26b7f36961a3cbb94da61b6ad6db3ef9cba251fbb1103fb11

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
300286f958aab6a2e3dcd94139c83f94

SHA1
5f2c20dcd0a4780799f2c96dfd80234baae75266

SHA256
fac9c16b8ce08e8a95138b9af131b26accb5b1e9bd14636c174d1bdf3f17c0a0

SHA512
2bb696c715c6de9de8d41bc91cadd3f805a308fd5f238badc14d9ff4661463a271a8e63733f0977ed2b453fef3f109d25295737d39bcedaf0e1645205c6dd881

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8387e18e811a168f5b418c40f1567a0e

SHA1
10098ecce1bb34663ac1e3c3b13c77ab62b1682b

SHA256
abb794630025281f7e943794e2479a8741db24b214e6e11959cf13340ea3c090

SHA512
39489c9c29abdbff8e7bf5dd52368888ea56eed7fa47870bc0124d5942cf97df7f8d3ce0684762547bb9f70e917df085d2014ed6e16b93f6040b2ea2ec62db18

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7b2a28d5e46620bfe741509a089c091f

SHA1
2ab13ce934a215bca4d968d3b419f00536390a0c

SHA256
5412fa8264009649449042625c57544e1469cfae5c001fc739e12465c416b98f

SHA512
96f7a2449375366df7dde807f671b420040ed5464db489f6fb7784c176cac8794a53844ac3e3c4a1c96e483506961b518355779cca410d9c09e659fea472473e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
db70c280c6873dd0dbe57687a680bcef

SHA1
8a6e61e9373feb4a90842a6db07c7050eed405fe

SHA256
54032895eadd314e76ad5c5fe515b3e0fe40ef2c256d9bac3598093fb429fce5

SHA512
1a2d9f4f18b6b265a294461d56b1885027037b7a2729729ddaf6ea7ea6a2184252c58decff33f176ea783e99b13182225d3bd4179b8e4399219c6457095eed98

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
abadc0b18815d79975f7ceecbd929430

SHA1
29d597b44f13d4a5502cb5f61ebdac49d2e79e63

SHA256
54e5874a57779dbf7eecfa3ddcf4ccd9c4212914e543316e508c018f47d6e537

SHA512
ac247ca97d875095355178c57a07e84b48e6ea972207fe488705b4bd5dce59c859aa6794b8be5249e08ede4ca70abffce5a4199da955a93164f3587e4affd0e1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a542be9af97f6248f5438badb3e79cab

SHA1
d2d1c36bd1d5e46145e6a0f2e588ed44d2eae3f9

SHA256
50e0ae6269a83b3e6d29c73d9ed0dbcb8fb9096290fa450dad175d6091e4246b

SHA512
0f45fa57b9e59b9c446fe100ddddd2b21b3b305bad29412b4b0b5af28303392a62242bed00ec0a1bc1634c47d30fa58ad9baf3a5d9b9a9a0570f9652c2083c57

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
65ea4ca4a2ab75ec81c10ba9727a3f3f

SHA1
2010779a1a99a2880c3c912afebb968b18c62fe0

SHA256
bf11ad75f7419e0c93f4726df9e816bb345640eb119afee5acb94f67453dbf06

SHA512
fa89aef794d7acf5b987d1f149181f9a58f42d5cf8aa23b5c7e3f9da8746b4c76b90887c951c84df1b71c958dca8886d72f5fb0424d48207483c3e01ede86853

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a71802bf608cfff602af47ce53b9b64d

SHA1
0a97d03ea6bbb88d9508c8c76c84805c7f68ef4c

SHA256
b8b367e3f18a0b5e74e431fbbfc97827904ef83a30d0a59f4278dfbd062751f1

SHA512
b3c5ae0a55a5e69037b6ed8ae683e9f8ee93eaa4298301e42be54b34e7220900d2d4252981f172941f7081fe20c347f6a4a9753f7f34af2fbec5a4442a5c6ae3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2861bfd98811f9dbece758a787c53cce

SHA1
da8c78d936167bb55d942d987aa079f4a95d2930

SHA256
a1021452a76a001d2348a00eb028e4c3ab9baf70e5d8d661130e96b61dc4234a

SHA512
4b7eee4419c3d3f4ce2518171191ad5786d582ee3dc8e34ded9ab2db37f7c83c043333217062e7b249d43f7c0e5e900dc3e5ea5f94837679d47d380f094062ff

Download Submit
/data/data/X.God.X/files/PersistedInstallation7883394531005465287tmp

Filesize
569B

MD5
270dd2f59fdbb6ea3f849710218018ad

SHA1
b471547935d727dada3ee2b1107b683c66b4e4ec

SHA256
5f9940e70d929c8a8e7150d9f8e6d669baad3ce4f3d91ab2cd319fc01f52aafd

SHA512
20fbf1e8c6423df4b06c88387fe1d61ebb2f693d3244514c14050b6ed62c8381ae5e7374b1abd0188a35ea9fe5cbdcddab8bf4c3c97160733b173f25969de7ee

Download Submit
/data/data/X.God.X/files/PersistedInstallation8401115530298757137tmp

Filesize
90B

MD5
1222b546b8ede1d60d66b464e8518463

SHA1
b06517b708f447321904cfb537a02dd169b1421b

SHA256
1d3841ce5d982aca21e94b643eb01819153248feb30873a6a8acaa0da9f35d4d

SHA512
cbeca41d00102e04b6191fe4cd33d8f8ce334f6ad15015a32fabf2ab5bbddab3ff9453d17f83fc54eed9de79a16dfea84cb64171006c259bc4391015a74e35b6

Download Submit