42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
09-07-2024 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6.apk
Size

2.8MB
MD5

6bac095ca7c3546e1764695f9c09474f
SHA1

5d729d4f4fcbc98681ba7b1478ca89b1131a0d8b
SHA256

42557a21a58510a23268509e4457921f81b507b9d407e42f3365a6514de1baa6
SHA512

0bade827030293dea806ef2a5dbd31e37969759898d6541c82116281f7b8f81f92155618df1fc4743885359b487937381f225274cee60c7ba6e8cca5f2aa2ed6
SSDEEP

49152:Eiu3F1J72GkfbDVJZYhXnT9/gHKPE7Zi/cNzgLNNGjCYrHPgDf79:XYFvaGszZYhCX7McBITk9I39

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4504

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2b6948c549e49e05b9cf95e06fd05d63

SHA1
edecc595e70d480b49b02a63a52ce7926615234c

SHA256
807f4c58b045b54e5bd9e23bc43cdd003c6fa0079f1f1658efa06a192f7b0308

SHA512
8842fa6ae8e60786e2c78335d236f1f2183235c8722f97074bdf382a5865163e77a59176ea3395d67a1cfbfca3ba1ca8ece9e9e900fddf19db68e57d609fd30f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6e68256559067909681580d56c1b279a

SHA1
373bad0e0adb09d9852350bab51800387a7e8068

SHA256
e1b237c9eb7fea48d14aad56a5b28a19560153d024a44ad329d658e01b20e262

SHA512
39582857a2ee39da1ac4a4f43e947546a76d2470d46b2681f85926afdbe403acb8f77859fee30291fe391f2504ab33ab91816e8551b4976aedbef73bc4a59ed3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
347f0d859bddd6f730753c07cfb10cfc

SHA1
22e4b0c87ba076747072461cef006083d70f9f21

SHA256
8ac25d51e85d30d76f87ac5967488b9343fa2a1186137e84b791dd3dbc91ef84

SHA512
434b06ae8bd703c9eb7c10f2357f6047064a73580911719ee6eecfa5efe7a12db4aad3e93d6044a035a199c5e3f7c8544c41becf366a8c91ec7341d4e31c49ab

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7ade571ec8d516a2de5d4d987782a458

SHA1
472480e465d60ad3c82adcf0b06d53303713aebd

SHA256
0fb7d940ac7db001d2bc48f56526de2f3379515af91c86ac41545049d257a8de

SHA512
5568e5bdbd93042ab6db8e98bbe6fb1a365bd3ba8940611c266d2402157decb806de8e9cef709529ee5b229efc8a97ae96882fc5a0cf85fb4d40ddd0bb97b52c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c7c23011ad7c6166b30c73471efd93cb

SHA1
6256b798345defe793bbad0d02e1d6e1ae096daa

SHA256
d62dd32b8724498ad47533e1cc669f11f4adbbe95518f12dc211832b37e2c4f8

SHA512
4a6b61f89266cc97eaa8405ee148052f49dccaaf498845867e29cd7f945639ecb84c715e250dba1b1a39a671753e2fbd6b6319b537c3a4c12cb806862a06b646

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4e2c2c83161dd74e50457edb02c10ad5

SHA1
915c4fc0e03490d9c58bf61dfb3b9c127d28218f

SHA256
b2c9b40d3ea82948e7b6f4e497d9092cfb4192278e4231006edfc225e3ca3070

SHA512
6446b016a271dd6566f045fca7d170cd2e3f824da28c57eb2a422eca882c3434046c8c727c643a535a65ce0d78fb38f86bdd9e3e63998d8ddb529a928dee4f9b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
265b7e71c461ccf819a2fdd986b1feb0

SHA1
71c6092d50267268254e05c261b968f0270fae21

SHA256
3f5694220c488d9d75bff83cbeedd3bd1117b753a16df5fa973a2ea30c562be9

SHA512
f90666c0ffcf28bc4bf66dbd62c75f52ce6db02fafdfcf0605cb6f412d35650e44ebbee0c68ba48815befcc0aeaa1b2bac555a7cd9e1d3e50388af3dd459ca1e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0478d1747a8c9337e541d3719c3892cf

SHA1
2e25bc951a30ffaef56a489ae2355c7cc87aed7e

SHA256
a972b51f7bc5c9950324ffe2184f91c0e039b95adbe2ad52fd0c8e318da5de31

SHA512
401cf30bdb0e0e2bdc08fbda525e459653f7c143cf8c9a964b63fbc05adf5b68d700b354ba2b16c450da4c72b7f702698cb3e7617753c606e7d5705136c1a7e7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ad1bbe6f6789f23c0b85fd4439d43068

SHA1
26525c0e259652c6aa190ab8eaf24b9422bd448a

SHA256
5a6f0e35d48f4157bc774e7a121f28d144188017b7918a87a90c389dca39ae2e

SHA512
5be8c43721abda8eef384f0adccca342c802c72a9df44551931e6ec3256edff8030ae4c37a3d3500d6aa5c241152baee375194a46719f40874f9f8555a9bff0a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
48fdbdcd04accfc9ca2ff424855c1826

SHA1
042f0c1493110417ac77f46355833768c083e552

SHA256
f99218acf0c76edae979ab51958ec01bca4a962efcad662d3ea20ef104d9176d

SHA512
74bd4dc490a6ad49438988419a86ed390e512b9bb5b8d78ea3c534c31e6fab0dd7d944538a52028bee72c757708aa760674837de895c917bdee0586dbf361033

Download Submit
/data/data/X.God.X/files/PersistedInstallation3019050558579895875tmp

Filesize
570B

MD5
9d251878e66372c88417edc49108b954

SHA1
0f3fdc95f4c846b855c5acdbc4d5b9fb283db3d5

SHA256
9a5c396653ec763cf0c8fd1b889eb191245e53a92c0b3dfdbc79eeb5fcfc8fc1

SHA512
c36237cf53b8c2e8c74fef31244744679776455d8c1c346ea54092eee371014f4bd11e87b8e2080e0dbaa1661058acb94153a5baefb90e11d213192c0ace1580

Download Submit
/data/data/X.God.X/files/PersistedInstallation6587295938295506823tmp

Filesize
90B

MD5
d6c19019775eb6473ee296a7aad79bd9

SHA1
bd57f2a9013c90a532fc1434308fb3a2c156be0f

SHA256
35297e7be9514561b81d570f9e9600e7d0e189190ecaca392488324ceae1c7fa

SHA512
aa186e65e9e18da77e01704e00904f4e11e122795cccffa6b153b05bd4b32a8cda7e608de754816c5e0e0326550cc661f225a7b4755991a9a69b9e30eddb2bd1

Download Submit