42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
022e3e35a4b0363e66fc8dbb6af968ff

SHA1
a06500610793d96d828b1f1d6244a1bbe24ccbe7

SHA256
2e7e01170a2a977a485daf720cb1fd5cb99dfb81af6d8b730dbf098913e0ae85

SHA512
3f199e5277d2ccd4e3ad089c06c982f5ecc4832dc00cffe3fb86cb56b2b7d0f41b69a6a726114b54472a98777ae6fde8a694cf550d1420b9d185a606d5b888e2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
db30b25863039d466cf68e7c4099b17d

SHA1
357fd178fe956bf74812a2c96d0134863a23b26b

SHA256
00daeb886bd2218c0eff209855c7f0924e5d2ebc2acc4601da76283d81f8c968

SHA512
de1c56b3e612223d692f40cb06db2cdf2c55bfb5c8e4590eecc2be55f0e015c7e032f7011857c07a487b158318bf263fedae554507f4bc5d1264ac1da412b2cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
255a35613908c13dfbdf2e023b44ac67

SHA1
f35f24fc3a8d3913f610aa71b7943cd82d97876b

SHA256
08b3808dacabcaf9e03cf04ff5d61205b209c36793d94bbfff82b9112c0db50d

SHA512
9a80f488222caea442342165b10642deea5a0d1d46217617c5359fb8d6f336fed7c636a69a7b4ba67e4d1d62e7abe809cd487aef78e1cb52bfd80110d4c2a697

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2c77fe82e3f495000ea7aec8e8fc2d0c

SHA1
cb0bc919ba64ab5c365b7c175a992e002f058a58

SHA256
575a6118d0649c7f8a339bc1ea2583c2ef9f9c7a37c1a67e7be19ea7b35abfd7

SHA512
19bee9d82da01605bc40dbb361b80e933b609727b0a710454bfe0079cb185916a85870db4ba7c5e112dfdf5caf8890a41062d1517d5ea8996f0da3ab956de943

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
78d4ce5da5fc1d54ee4f1cc161b9601c

SHA1
02c1a673ecabd45e8b473ad73e9353a447371441

SHA256
8855d416455972772dd34070241a48264c37106d3cba8118c77fb31897d33fba

SHA512
864a5f47ca63c52794bc5cb9bcb78395d719c30ea3b8239e6f60195a722354cf513d033748e9130e0b7aeaa297efef618ef14574d0d7f91ad48d9659b8bc313b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
28f6a5cb23807a8e80a830d5609fbbae

SHA1
f4ea58fb4dad2bd3462bddd5c0550260fbbc8d01

SHA256
40e4100de2a49990e3567192a772baa721be3eb8f67909ab064ed7defb43331c

SHA512
90240de476488a32279aa1047b8e2ee6f9f11390352e29629a092161c8ebfe15f88db6bcd05de0d451264a44bf5e62a05070468b3cae3a5fd617d2f09aa3c3ad

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
aef6e1cef6e0d2d56358b1615997d944

SHA1
fe64167d431eed79ea78660135a62bfae14ae35a

SHA256
d31b5f6d844c46c7ea13787b401eb33841d7eeadf26dda97a148a2006187e4b9

SHA512
939e6766157797b98455dff948a4c133114b2ace2e35273b5be9e498f0b6308c9d4da2404b613006fab35b6d6ecb433b6c3451f11d2690df35e9d5619bebb452

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c165ae6a12721e479a62b2e8ea9ce723

SHA1
63c6767afe908c8c83093db176650ed7e63779ba

SHA256
1961d3df125bc5eac2b08cc04664c5278eaa8fe14958367ee8b23329f0daf65d

SHA512
8af9bccdc9c86cc8be30df3092acde5d439d1b8259030468b52db9318569845b696415af99e0b63dda9f6d6cfe3fee6b475af66c50bee7f0002a2e4bcb05df98

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4df88cbb765097066107264a0d8125f2

SHA1
64758b67938d6d2eee98aeba4a12444931d81a2d

SHA256
7a53c1e258c1845cac737a6a9e2b6bb25f9252a3787e2604457eaab4560cf9b7

SHA512
254bd575c21b3cee0e40c6ceb65884fb90723d8d359350da4ac7461d8945b52559155200f0f23842eb49f6c7a019ac2ac2f0c0022e1c93060d4ab91b8af728f1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e7b35db7c0e26a894aeb161626e7c98b

SHA1
d52f21a975b3c97f655660a8624fffb78648a594

SHA256
9641ccb369fa99c8eb89ec39608083d5e80a031b21c0801ad9d2ce3574d6cef8

SHA512
226d85d80d0d45aaee83b8f9b876b5858bf8b69fbc97ed3f23a12dd09a3931ad09a8252b31444e2eaf6b44b1f36a0e227d359e65f59746b5e5c07ef7f1d46cbd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3f1b07141d6394fe3779d03cdcff31a4

SHA1
7a7956737c52b34bf57fb493a34bac121e0c7736

SHA256
842498f8f73f854bbcdd1ddd9ecc2a668c81d3b8bd64eb7305b12a2cbf29939a

SHA512
e0b69ea8f9e03f5e1c4ad8fec1c78c725d60012ce8dc0b4a24b217b6b34e5aaf164d4946098b3b837540d10f165dcfea6428c4b9569259950e5965c399dac451

Download Submit
/data/data/X.God.X/files/PersistedInstallation7848141182381310406tmp

Filesize
90B

MD5
bc2068d2e5e5950d1e2f41fd429c724f

SHA1
52d4364351d501e23c7e0710b6a6c4cedbb6bab2

SHA256
95855ce456dbd22a32d1e0508032aa3d9763f1b542f1c42fd69da6333d43a6f1

SHA512
64bc57a9b3a41a1b90da4cc6dbf75f21898211feebfda5bcef91dfbca83191f03986327afe26cdd2ce54e0e1633bbe7d5adc80415926b83beafe0ae8f4bb962d

Download Submit
/data/data/X.God.X/files/PersistedInstallation8743066441088156412tmp

Filesize
567B

MD5
3eda79778cf47ead6edad8f3b2e8d5cb

SHA1
ee59640f58394f0c8ee67183f587b4a724d6ac87

SHA256
01b1142f32aedc223c2b0f0cbf6b4e720bd8690e1e9802d832c37088c101cfce

SHA512
088a9f23952862d19865a0f3365258d1da3aa143c85584d5b1e537083a112f4c44a2b8ec22f9de61f128a9e86551af0e54eeee5437b84227f568a71ee1afb7e1

Download Submit