af459e6d663d568fae940561b8aab0874a2e34fe22af3404ac3f425cfd1168ce

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 09:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

0eeee3a9c3d0107ccbe577e99b3ac158
SHA1

3a7cd40aa40cfa58f9173c69edd6acc6f1b18e5d
SHA256

af459e6d663d568fae940561b8aab0874a2e34fe22af3404ac3f425cfd1168ce
SHA512

0530d303482cad04b3253e66a95b3312360609c98aee19d5bfc1a9991b5c45de0b49ff93183707f8921ef0ff85d89829fd97cc5a01fbb033085cd23fbaf44d17
SSDEEP

49152:bPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU4Kp+7:bqe9b2rX+QFMIIkh9tSABAngW6F7

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6be3cf6b43576ee8554c1202474d3677

SHA1
f3659bd4c2b75d96c413331db547e60e9332cbbd

SHA256
b36069d0aa29e2e006069f6930650a9dfd2f8239c135e9dce53783711f7a96e9

SHA512
fe1fc42e84f2b9888183c1c5b2b1ab24672078b7383a45ddec342932cc1049cf86cdd52e0303f24320459963f308fe9f440898dac849ac8f8c398cce4a5fea9e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9f68984500d68b26ef134d744a88a77f

SHA1
4da76f9474ca1c494534d005c63fd7e9c1413c02

SHA256
b04445e2e76e951862f92ad69a6be3f95409c380feb7602b58d0e28c4c5434f2

SHA512
c957e47396b055831aae1e190544a30d05c1fc27272972ed7fd4d9c9c1124b64a6d8e5796c9233f3b955ed2f447d0e5c476640e2e4bd40c3751d088fed3952da

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c234ea0c61e3479963908846876d02ae

SHA1
5fb2693c2f63e553a79efae1067e5b206be395b9

SHA256
19aa2d4b005a0fff51b51de7c6031d291ee09d773ed5a3e14677f46f1829c661

SHA512
bd579dda02d6ae98d9ef63f251ceda18a0742e4919806684641396091df68fa8ac3a54c0244a2b613cb413cef21a033d6879dc62f89245559bd74a7a8fcb2ae6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b504bb511526d334e02e968b878e9c72

SHA1
392185b9131e5cfa0642743099e9d4ba1f169fde

SHA256
40ba6ae43e2a48473c52693a9693732b8c2bfa4f664d77f27968a2d6eb367059

SHA512
63a719bf49c89de65b94cc44af078f2e420acc19e1879dbe24bb6d24681b8b5eda98cb20003bdb13804294a4e6aaaa6f69d908b2cc701080a650d5d0113d6207

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c7209c48246446382d31b3059c12f35c

SHA1
eee70618ecb6a9ea3341ce3a3b76edeca679e611

SHA256
9e172d5f50cdd67ba1c7fe1472c1bf146983e8a45ecb80c03c37549d486ee8fc

SHA512
2a5dc51e89b6ee4c2768eaf607645f24ff12de3d0c7bdf7cc7bedaad0772e1ee775077c26498192410d1230566241ac9fb52450a42879c4e8e468270e6ee24e1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
87ae824e10d68e9d220d7a1b5d5bb192

SHA1
515d27b3dc360daae3226f5b80aed5569e5b4c95

SHA256
aa4fd175ad7fd7655b997eb58953343b7c3f2d09273ec590dc9b93939b3e4eb9

SHA512
1587ecadce5fdf4de23011560360db18a55b63fe2dc6d906632c5ce273eafe19c440115b671fdf8541b9c21b06a433134e50acff34523ed0fa87072e8eb98b9e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6c16d20560b09575f1421d72ead93a10

SHA1
8f98bd0eb313022ef22ff9908c638e283f014025

SHA256
1ae89d3cb8813ff72494e0612ad1d064aaa1c36cf4f9db62ee30644f1308fcd7

SHA512
b4d133ddba9797b097beba7f9510bafbdc3a176f422f987d95b7b939989a355260f91b4af597950a1cf77f28b46440e76b37da9495c6ab45070c7ee680fcf860

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5b159e0abca22dcc8c7c936666f2895c

SHA1
ba5a09ba0569b05f46510f6053165f30cf808b8e

SHA256
f45c0ecd92220f2c9228aa9bb12dee25e1bdc91de4dfb26e3501be7fecf48866

SHA512
9ddf113316d729b7124fbd9aa2e1cf225069d9c6a880cbd9c8e37667694e579487249767f53f1410cf9f50cb3270b8ace959001a301361bcb93ee36f48cc6f52

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b9596f89dd25644cb844b3ad07d5f6e0

SHA1
ccb7a7f285d36c26518eb4db5f6126d0629f3dfc

SHA256
c1dcf7253e7da40316dbd4990c5abcfb149b5d467adb53091601da1fd3aaf4d1

SHA512
6bfaefb3aedd9e7d4abdea3d882b4f6b2b13ff1fe57660d9aed4dfb3c80eceff330d43b107b85851e0345d0025c7754eb2034a8320adc4322527ec0011d146ff

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
07c12f5dc3ee96e92ce6bcf07422cf47

SHA1
8c4cacd2f09e5856c0280c06c30e1245f9e7e0db

SHA256
0fac0fdc0eb72c64771cfba51506c0628faf783890a4ede092960ecea5ea04d3

SHA512
51ec6e98c7262cd5a5fde0668f4510486732290dc91001a3b322b3f910fc4fbe769bca3a9028424ddc7e448ef73873c6d32254492d09ea290bfb1ae7b4f3a55d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3e76c00ff771d8f5ebdd0318db1326a0

SHA1
c4faacf60de27cba65ad45fe947093300b8a50bd

SHA256
a5fb2d3f5c1ab327774bb93b24391a15fbbd6ff1d6d7fc7a60b801efe49a7363

SHA512
f7191c33e4e652b2904e6a01e3ce6725e22c46ee444ff12002f0669aa6433b9e67d763bceeaaba57e9a3c648f96f27207b2616ccc0d1181b3791c19c4a48142f

Download Submit
/data/data/X.God.X/files/PersistedInstallation6190682488777815879tmp

Filesize
568B

MD5
1b0fce4ea3a49e8b4efb9def8b57616e

SHA1
c7434bc6294f640478f0dd82c68817ea77b19f74

SHA256
f657b88d3823fa1ca110246b51dea8ff59b1290cd1c5b688f0da1a5479854964

SHA512
0dd927a4bbb48260c3514edea9b34978dd6afa18c1fa94c0110cf22dbbf0c4ee17621f99ba6f307d023fd092662d5bfe0a3564479111edf86793a42813fb2458

Download Submit
/data/data/X.God.X/files/PersistedInstallation8737484139196547026tmp

Filesize
90B

MD5
2eb00b78bdf7a6c1c8b07c883fa81f17

SHA1
bcc982c04c9cda67040d03411d3dda00af4ecbe9

SHA256
4c88a3d2d413574e61cd88cd225640aba802b25c78a44aae0237daec2020c51f

SHA512
e227ca2d0039aa7dfe2b0444d07cc833bd5e79eb6f2b4ced0c881010656fce8aaf5466e8574d9427a1d1ed9e72ee00383dde6e81fea234bb02659d8192be26a8

Download Submit