b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 19:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd.apk
Size

2.8MB
MD5

ff04ad3b47d9b71753545bc02dc8c33e
SHA1

184b7979dc29ce42fcbbb033671fb928e695331d
SHA256

b89ecafde09182f1b0eaef752d5a146c465e49d51840a9b571a63d359fd5efdd
SHA512

6937975030162551b38e8d91a35b175009be470d66eb30992a460c3c9275f16e8d58295a7a20cc5e544cfb3455ea247d3c22dc6212d791de06c4ea6758dd9d6f
SSDEEP

49152:mPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbUxpP:mqe9b2rX+QFMIIkh9tSABAngW6qP

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4689f531f9d63fa571270cf378fe68e2

SHA1
d996ec419bd53bc7a071d928c946c389e8de7816

SHA256
e4e2fee0f5a3b5e8756585eb541cbb9253e8f9ef85b0ed6b125d6554896581ab

SHA512
136489ce9a831ea4c7f518ae109dd645b35f2916ff13a841781ac96241fd007776fb06b568d9f28e4a84fda039f1ed221c628bce00a6e1f113bc03494173cea2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9b1e7303057057b8f7461891d0779225

SHA1
aee9595e6f6ef96be04165777896631d886b1415

SHA256
56298b9a551c186b0cc14eddf090e3603cfaa7d1b8f416bddd882b80335d36f6

SHA512
b1496a444ede2304197d46dfacd12f04b7bd644509ea4b0c5d36ce1bdf2b4f594f5faca3506be52afcc599d42eb8d60cbb94821d2fb673f668c9fb2288f0ed44

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
624e69409556fc14f11fd7a6605e5da6

SHA1
360ab52f1fc882bb3151995ec9548d3c138d81d6

SHA256
472275c89f3351b198ee1e4e8abfc6b92c628b6b1d0534f013ce09c6259e79db

SHA512
edbf0a2d15fa5d75946b617de17eadb8771567ca462b80cac9691fa818a0b18a44c8fce781bd9eead25bd961e9c6e5b0a6bb2726770d2ec9603645c5a394bc19

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ac6bc0011b7d3a9d7c861f0a7582fc50

SHA1
e131ddc0475073fd9d81c67720d4ae98fcebe811

SHA256
a7b45e20f0e5926848909275308b363e97ee49ef3a77ff96f3529b600b4b8cdd

SHA512
07c685cecb5bf2a0a7e69859c62a0d0487687369c5e94dbdab66d94bbb173aa1769ad3412222580e775b3b2626e7f2931967abc04230fdea268554bb7611643c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
46740c1207de673d3cb4b9469d067754

SHA1
089f72a8d397a387beb22593f2505feacd7b1aca

SHA256
05e94c71d93693c23f79e7c9a66f9f4e733b0248d2298d3a94694544e3cf72cc

SHA512
d5fe79bfe05ccac0d74aed82435147c73776efb4982ec1534f5ccba8667b5b5cfc952277e8f8abee7288b331170a479009bb4a36ba52e151cbfef461b6464555

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0ddf26ef4bb0584dbcadb993d56b996f

SHA1
64aebfc41b7ccc83c2a6a3ea7b3be36afdd78990

SHA256
f16bf53e6e9b4d073e555bce05b8ca3bf3f02286ab7daef015c07ac1543d3707

SHA512
cd939e42f58330b509ce025dd97a830f833d830c1775278d519e20ce2a8a40e1f5f1d620b0c1ae4ec41ecea175e1de5b76448aa3fcdb8d6a510f6da716d0686c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
43a5e6575dfbd833f641807ccc8ba81d

SHA1
f78e7f342e6d9b9a33b8f9b60559d376a7095de8

SHA256
3ff33fc6bf871d0f332f834815650c5e7c4f87a055e01e667ad0b708c95c560b

SHA512
45d06bfe6bbf95612d5aeecc869cf382cdeec4e2f03fc0e0896c75e03e55f610d9b2ef430adc137bae3dd16b1b5320f1a17ef01239f5318843dda502a8c6bd82

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1c9e000bb2a6563774257746f4ef517a

SHA1
10355fef9be998f4f0bab3ddad064fee5ebcef1d

SHA256
fc428e65764457509c6eaed1e496802bb70ef70a56cf1ff133e017206c578a85

SHA512
577e82f6f67dd45eafb888d20c6d8c754a53e4d678617b1d1f34e00d76fd926eb6b39198a0f91a2fd1e2eeb9305d687bfb05362a6ffee9802905d52724bff919

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4614c451987e93d49564fb1781c2e2f5

SHA1
ef8badc26be47e3787c29908a3c54debaa4f6d48

SHA256
6eef19d065a444d363722d5faaba268155a72f2f52cf9310afe45cdb8f5322a1

SHA512
f73b1123fa331ea890fa3cb49220c4e3b068948fed2f75b38e898d08c330d6a68da6d299bf3bc5a52b2ab5f748abe1f39e0a3307a34c379dfa80c15d2c930787

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
34b2848671f1a676bd303eaa1a6a90dc

SHA1
7e8cd4efd8af3f263e3c8338014e0cf9a027a8b7

SHA256
cc44eabff73638cd7718949d94829cdd28ccc1b199c655f0ce65d8bb95cbd0ec

SHA512
18cc3e68ce05a49349052921e5a22c009fa09d33a238de9be4168f94dc57ea24713987a5e3ce0e500e792ddfaa9a2cde5a78dcff7590aaeb25aaa56bc3f2bcca

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
d51f5b88235033aa7528684ffed6a9f0

SHA1
f075cb91cb84cb59a62e9b5fc70c7892c9cf0aab

SHA256
769684964bbd4869b249d8a727d6299b49502a2586e891ad7d60962e0e8dcfc4

SHA512
94c4ea7e08dbb1c4e7e4d90ba7ed5a8a5eee853d7c0261454e1fa7a911c865d434fa3cdc8e445424b334d3b782269aad3f2a7262170df0248a1bb297463773aa

Download Submit
/data/data/X.God.X/files/PersistedInstallation2534576261890297802tmp

Filesize
566B

MD5
415d43d70e72ad84ed335d7ebcb54715

SHA1
f4647624bde686d05eb4d983ea8e44d0732cbb4c

SHA256
27937bc8f8ffb8961e735067b13870942a09b3fcd27388241b1bf5b2c5a5de01

SHA512
d480e85133c8c2649d4135e003ef3383aeed78cd252ea4780c25a498d5a39919ab00897628e443a98f9155aa88303d3bc32fee4ccf7b432940f7da8c0e8e36a6

Download Submit
/data/data/X.God.X/files/PersistedInstallation5821657713384814524tmp

Filesize
90B

MD5
eb20c5e44fd8c27434370b222ae04ca4

SHA1
920b7446219af1d65ab72a1875d1e24b0950bb5a

SHA256
380a9807a4af5b19f5db7331a6ae97c1c1e3a00137b6cb77b52fccdf86d7c8ef

SHA512
6be3226e6dabc607e28df8f9d946f8c65c195dd7a016488a8bc2d0c24a0e54250ee8ed144fa3167b2bca876d1850507e45f4cbf1ae59f19a780674e3a836bb8f

Download Submit