8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
19s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4261

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
978f7dd12f348551626138364e32f148

SHA1
4cd1185c5f748f1568da09c07d0d17d7dbb8c303

SHA256
456f5d1a34586c2810823577ac30779c415a456be0b16ef90741f42160d9a102

SHA512
45327cb158a322d378b055b10ab9e114a987419a167d5fb3f08d1bb0d9b8830cdb8db17384a3407ec25c9af5260bc183e6761a0a83c902693b8fe33f15c76d04

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0bc0032883559cab0fcb54ac02507b2f

SHA1
d4972431b6f65a975e90b63718e67e58ad827fd2

SHA256
57b53060f4561bff1efb09f1917d951240b3a7544ea9e7cc1266041011d173fa

SHA512
3f5a8b204d1cdbae6275e391692427a1e209f4ce4d8e0ecbeb0dc16db82ca7e1eabd73a7b8633dbcb07fce6677f9f87300da208503aee9109fd0ca673424396e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
822fa1fad3f3e7b756a378b95c278bab

SHA1
14706df17afb3769198d9eb1ff15460dcc798d98

SHA256
695a4d2912fb83ad42a568f6e487e454489d2346d769f1c5e36f2070e7a6b5fa

SHA512
61155bab34974040c91d33227aef21d566f2ce4927543c468fcb4766277a456cc61ba85024668a0c2118f877b862023e3f97f0e1b1def29bd5619a6183b194ee

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8d35835c11dcfd520f63923372badccc

SHA1
a1e0bf4349000bb815ff9fff6e65178e28214e7c

SHA256
74e03e21aa74a355fd19fb76ab85a2a0ee0377d3fd1518cd4e31cfeeed680846

SHA512
9a4b6842b4135321fc066b1e1b13c77647f8e1e9cf7ecb25ee86409a7c08f20cce6a90e37c17ad78fac27d057899efe0ccfc4bb9b826b331512485a17b65b3af

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d01b315b8a2458fd76973d8947a3e558

SHA1
f0df0e40ecdc3e2e154099d3b6019d04f4e3042b

SHA256
11272b9e494246c51950e3ebe6ccee01a2ea6d633cb0e19f28c3444dc18227a5

SHA512
817da7e1101189fe155dbda31484085afab2a01c45a4f1d6d17f5d05706f3752ab2541fe3b94fe6de7be46980c550901b78c6cd9a75312b1b42d90c6ddc97d3b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
07eb3f53d9afe306d1b433f6c417fe28

SHA1
4321f2ea76b57221a1e94ffe0935a1af6b2b1076

SHA256
2b51f3d4751ed5f446acf2c018a47f257f8bf6886f189bf2c17241625802eceb

SHA512
f6bfae9c6ff818246d38d401d9e60acba2a51219ecd59330f64b107577bf82ce8dc2f751af1e291b6178a1b0c8715e7d24384ce878f53d7ad16b48635df66bb1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9426d18386dda957774851a42a1cafa4

SHA1
7d884b90ca32cea21d4cea311e35b315658a2465

SHA256
6988f1a9658acdbc762f4919dfa93dd11d21096cf8fba07c97ba2a79bc0ab507

SHA512
62a22a342819caa11b27a1faf87183dfc46e48d70f4d263f03cb6c28b0d66300dba4fbc78f746003c46f3b245807777560f32d8c41091c0b3921ca64f228ad7b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3179ed1d0cd4ae6fa1b779ef13962a82

SHA1
96736a3b0a0fe040e8f9464031604a0803117e7f

SHA256
eba958baa64275a5f7097e0b89ba92b535cac7f2717ccbe0f5cd0a2a6275ba5c

SHA512
97085ca255ec8f22ee072b215b06b9826ed4e0dc10619ab0abf350e1ad86561ab0119474923c6852fee153491a35aab48fab62d8570ebb8855b4de5eddd2fdfc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
90dfe6958267a3327e20b6a8254ebe70

SHA1
b3e1ffbc3d1a7ff0497c33559dc428c68fb2f19d

SHA256
ae9522284b217be83bc62818c27b8a68f9f6a95ccac10b9ba9e259721e668408

SHA512
d223da50a06b049744c34156b66663da163e4350469013a20e36ea44f8e23d48ed9aca4fb9b8a70be7d96803c8fa6c6c53aec58e88a86ee03bcab7f428c88815

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c9575d36c8d9fd3d56676f83d9bcfa7d

SHA1
c005262bd0cca9581f1ddc4897a7e3e3b8704f97

SHA256
ca8f2962d42c47312469a343a4db336553fc3b5fc40209930e0507b4e40618cc

SHA512
046eaf6c4df9b2918423e5ff1ffbb17d106f0c80555989418081dc9a96ac8901d7de3c09d90565d0ac1902032ef8e2783fde11df5753d1cea5579fb25083c880

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
67ce66af8c37cf742736b9c8aae6c26d

SHA1
03c43d4e888f8ee33dac4bcd2cfe3a0ef2abc8e1

SHA256
05794c4ddbd21ebf401ffb3ac669c8c7280b5d0f41e9aa8c1e3a20ea61742d87

SHA512
dac409568e8238f79dec7d7bbe021b48b56721372ea27fe3024fe64cbfc097985cadf69b6e55ec1dc173dd3542042f8444aae7a0471f51491f0af0a1a901b4aa

Download Submit
/data/data/X.God.X/files/PersistedInstallation5999438824494087460tmp

Filesize
567B

MD5
758cd93c8d43040377ab9b4878da1773

SHA1
69ef86106e67bc3a1a9892ccf9d867a321e2bb24

SHA256
b7d4b4840cdd155ed91f67f2d30e62c1a404e7627d69cb67ced2f933641c39fc

SHA512
0366c67ddb0deef2de73145129a9d9a3171944c31d3b518d22fc2a0897afb6c8b282562d756a061310bc2d8c2a6290b494cfca56a1d618b1f3bbf3ec3007b919

Download Submit
/data/data/X.God.X/files/PersistedInstallation8430792173026641687tmp

Filesize
90B

MD5
795b546f40a436d42f43c5961b45551c

SHA1
51e91286ba1fc15bd63294c58fa72c01ea25d5fa

SHA256
ab951db37209aecf7252a9ed7700437a76bf7ccfcdce745b013d03019ecfe205

SHA512
86af7a8ad2ff67eb83f1665914fd632c4871e965af924b89a42e636aa0f9bcb399e12ea84f968dc7c389f0af2e3889771e98108a8a2a5d8d6b1d73f0600fc9e4

Download Submit