8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
19s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-07-2024 01:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
85cb66af80d22fffe7467927ad6a270b

SHA1
98502e7f7112cb46cc6a1d5a2b30cc0d3f902db8

SHA256
717e5535b5eabcfec9881081a900487a41c029a4ebac8588e19dd43c703ee660

SHA512
1f7a81346f2b8314e5d38a81e9aeae52cf7e39af3c290755572bc5cc8d242766dec91a32a19bdc471a5668aa79b10011ba674b7a0d89025616ddd82883b332df

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7c639b831841d3c1b997dc5a207fb3cb

SHA1
ee56a9a6b12af3ae7444a4f8a09b25ccfa1c91b9

SHA256
36ec853820da7033bb5d3e2c4c578ed5573d5d0695152a9f7358747b502dea7a

SHA512
eff300411a259f7fc0a79d21f81d4ea2cd4608cb4f9423f455ade93a1d961f8a61d2f8e27441dd25f3f27076884006e462516115d68fc264140766e757dce6b5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
324cf3b15da82da61bac3f1da006b21f

SHA1
151a451c848cd2e6b03b620d0a00945f5b92c2e2

SHA256
5a1419de5ffe57f756910c888f9018d445c9c0160c00c5e210c70d9ceec4db1e

SHA512
b336dbe2c4b684523f744dc44c5f625e9d5f9af53448f3fd8e6da82a5e22054dcd217f0475c1425d83ad0dc4c4c7411aa13934176b2bc16c8bbc8a1b92bd2560

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a0fb04825ccc6dfed01d957eaec3c28a

SHA1
3104996faf7e52445a750ee88fe031da55b27ce3

SHA256
19b9e6571c84bc3f16ecddd544de3cdaaf775b610e89187e7432a3e3281b8d92

SHA512
c18879526996aa7bdbfae6a315724a02b732b039cd187263fcb4ec725fb77609e9e3158e939d91501bd086feaf562fedaebafcebfe844d65d2545845ae9381dd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
fd30813512d1a3a95338717a8ec7f9a5

SHA1
6223b63df2dacaedd3fc3bb65f59f5119fc6fd73

SHA256
17a0da9305ea890ac5b3b5698bd52cbd8fd4bb9d229650107783da03d5b0a72d

SHA512
7971805fbf435fb42ac150c47e5176c5246a9591cb542247a94fad12ab0920c4d49d5e573d3401e9ad4a5cdd2a051fb71e89334174ae4099f568b3aed7e4f0eb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
86b54676923671121c49d88abef6fbe5

SHA1
12f71581658fdcaaf8d5031865c574803914bcbd

SHA256
180a4d20cfbaec8a2fe982e335fdd52e5e563646f6ac9017b9c6a2af88403309

SHA512
f89480510848ba46fdf3e957f0756359beb0e013d4d1caa159c1aafa2721f664f9abca920885e34078fab0d5e4f60cf4a33a6c32336779163377acb284909300

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
38a8efbc405538b91a1d073cc546a2a1

SHA1
8b015d47a40ac85380f039b12ca78c6ab6269314

SHA256
774bd6b4c24fdfa4bc837086a0210394aca351084ac15de53083c367113df0c2

SHA512
d4d7a49826e0ee8658197a6f0fb1aeac29caf461ff0680acef7bd0a761f81be102c3921538ed8f048697b6b22454ed7c9ddd412c659a8339de469b974f8ba6d1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a78bd56cb50d6ace7555b331d9cabd32

SHA1
df48d59b676f9d5a08f1b341e56fbc946bf21b46

SHA256
906afd8d58daaa3860e0fe1610f2af107f6db0062a71aee45837ef0714323f89

SHA512
792825f3a3a0f2fc6295fce99aef3d1e12a468663dfe65e313e47102ce02b0a93996acdf96d2262488c20b0f12f2594a2d2ad331b1cea19fbe41ea8e2e00b40b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4dc5b71958d508fd7d9f44a5a47ddc93

SHA1
dafdd560a0fefdc9621b546d4c8a9a92fefa5ac4

SHA256
988b3d1df94591b207b83e09a723b9631214ae5d589ec50f85bc45c016f76949

SHA512
2ff7895457e9a8a196672f248d3ed07cda5ebeca3e85041f64c6cb8009060c9aff4a1bbe8be3f1bca8e74bb2c0d81d36e3d3692a97dd3bd14c1ba89ffdede553

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a23f054ffe92982150ab16a8f6055aae

SHA1
28bec8cb7aee8ddc9382423cda245aba457727bb

SHA256
9d53b4d326e6efbdb52d67989c024350f2ba83c2e7c21e66815f545ebeb87e64

SHA512
bca00dae4ee6991b880a90062abcf0f9513a3338a4738adf17aeeff4c00e78bbd5622982c18a98bc449d4afd703e8703d65de3de1ea0396d90867dfa131c2fcc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
5f6824ae392bbee54a78de7cde665cf4

SHA1
44ba7a32ad74681fd786616fc514484e3f198918

SHA256
27b83bdd791c7b396b66a4806c5f8b1502e2cd153cb61f9554f13d2c242263b5

SHA512
913ef28ce343650c7269af22497545d783c27d2444931665696a2ecf43e3cb014db27a188eddd2af1351edb3e6f3ddc90657880dd1a0f60d392500c5da2c9d98

Download Submit
/data/data/X.God.X/files/PersistedInstallation4888375927551269120tmp

Filesize
569B

MD5
ec523dc8382d66faea37cb029dac67d5

SHA1
ac92c27dd6453ac0857b8db0da3c500267759af0

SHA256
15d779e28508d693d9eb3c602fbe0d0ec62bea7df621fee3e5eb3479a8918d8c

SHA512
1e9a784b71fa20384c4383ba9cd403ec01768762f7492dc3ee9b4c443cb966eb9a7a41479f0936164206c3c5476fc5d98e367b43857f5a613dd8f9f03f6b9735

Download Submit
/data/data/X.God.X/files/PersistedInstallation5131691332815713878tmp

Filesize
90B

MD5
ba59ee4e325cf42c99e2a505e9166937

SHA1
346e699309a4d96facceb24de09d66a38989318b

SHA256
5f002464821d56952f6672bbd233007734a970da840ae7c4062a3412da0dbae1

SHA512
7cc5911bbfc45abbb75360294b4b7837b711ade106f95aab462ba8c2b692f3664d0910e6fde4fa7c30b60f8b9cdd759cda40817d4f12c18bde54cfe36ac64f10

Download Submit