8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
19s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
10-07-2024 01:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

X.God.X

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

X.God.X

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

X.God.X

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

X.God.X

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

X.God.X

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4982

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1bc17b0248fe6015e99e472ec53d1067

SHA1
9eb3140a0b27d16afa73bbf0bb9cfc550aba4b9f

SHA256
4f6aaf4a52337c9b5d1ebd3341fdda46014c71a49072ba49d32ea1d1aa94347e

SHA512
ebd377ed4eed1a333888c3488e31313d99d903d9fe5bc166204c6a83a616913fa23ed5c2080db879740c348015cfc6922bf446b2ce726945a83abbec82656b38

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9e1ca47c6a1de8386b64afad1493e3b

SHA1
4d56b8f566c646ee0fff1577db561173e8d3da91

SHA256
9e4d20358807443c2e6e07e3c8a82d0d823a4904aeeaadc9d6fc6b285e185dee

SHA512
3ba005ad1a9b4de66c11a2c06cdcec8421c9936d968d45747b6613b060d15d550d3ba9629dbd525a95704f192fca7d1ec40244b28df4915c9d261244c94c4803

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6c63c1d188ebeb1caf8d711b6117b749

SHA1
7487b4a37cad4e3579b87203add64ffe00e60daf

SHA256
13f197ae23b0f62296655b7510841ef9f96c9d6cda135ef8b5c502921c9d3751

SHA512
0808178244fa72835e4168d00290343d4ace396a7289b1d7aa931d03a731ae816dfe7da8d6d6c35c6a124da776e94f2a34b7f4f71143be1988ba15a4c158b38a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
97da2c415bf3c7a51086947623c93c4c

SHA1
b0768ad006fac8bf4bd978616cf18c544ffae5aa

SHA256
104c2772071ba58635a780b1edd8799dd683b80693e14dc63010e21cf9c2ade4

SHA512
48f6828a1099529cbfb4e903c6ca466e6add1256c5c91baa06d01bfb27d864b4695263d4775bf8063855f055ec0bb85a2b65f0fe87fd4ee732cee54e0d4a8290

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
677d596f291d870d4a4623a831b921ed

SHA1
f40b4350cbc50632f554b55b210e7cff0236fd3c

SHA256
7fc552938bfa60bf07fe8e07432fa3098fb346e12395508c95d5faff04638666

SHA512
47b541430727a5978b82684747cab9de3d23935040867935e9e3379c9abe74988205e494d1e0492a70bc8e25433dd5c73bd0ac4403acf7254fe0222b9be9fb85

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f814b90a6e93e469a84a6aeaf20a09b6

SHA1
08a38efe26bc32cc622e7c94b31bf6c885a14eb0

SHA256
567166076af46bb27d79bc838586964003e1ce6f2b68e1806aa53cbf0d974049

SHA512
5686cf20e60a9cafde77eabd87744e14646f26eb623f88e0a4cd52f2b99950ccd7c0386e5b00138c5d083ecd3cbe94ac02bb839e3b0b006ebe3288e350dbd244

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
741e8184ff7b4e92761e7a59b32cdaa9

SHA1
ba0d88cedff2bde03e61b13820bec3ff36fd95cb

SHA256
191f2fbed3e1b2c7591d94359f3354f61f2266620b217dcbe6387c327183e1a6

SHA512
dd424edb102545684ca0146794e197e97c20908405d64f3c1549bb4991c6247b5d11b9d82b10c86a1a690d1055f521450979931a6b54b0d94d2640627e7d5bf4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9dbacbab3f8dca15519e3ac8e9e713e6

SHA1
21e97deacf3bf9a85fffc3c46c17e032eaabce3c

SHA256
93dc6457d21881cd57d96e190e2fea87fec09d518158e24cb0fb81469858727c

SHA512
e65f922dfab97cf5fcc12d132c44136fe1e9174ec12fb4c9327d4fb5cf522f41508ca334153eee30fe052eb639b3c5a0dcf27a6b7d37268829e8e684ff06b59f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
43430af430ce1f7472a8e051f6367931

SHA1
9103e975a94e56f4312e4fb1c05b28cece544e38

SHA256
0022951f2d1d76c8e76bdcf90f0ef9c4f8e1e9fce7c8b0ec24277f4bc8db07d9

SHA512
3eb644499a21032e3fa10f969dd22923b35b093c06efeef1e0b26c175e8a13a0370b5b1b99ddd2edaadb758c79114c82965a9845385318cc44174a28100cc19b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8b4443529693345ee15a48eb5d6b5301

SHA1
762ef967d4ed4ce5f34ddbaa4f041926daf175ae

SHA256
7fd3ecc792b35cada7ccb14c60844039f9936991aaa7be209bd1846efb04cdfe

SHA512
6135bff59d2790d34117e10e92e0150fafb044dd8d626aa0f313063cbae397ba7e406b9e7e8f5f38c1e34ac72f097bc66a616712e16a9a3d631d0d30a94e9b46

Download Submit
/data/data/X.God.X/files/PersistedInstallation3176698482475726142tmp

Filesize
570B

MD5
e437d492538dc03360e36ec958a26643

SHA1
d0416be44e11bf9aba38b511ac0bbc76ee52eed7

SHA256
ae42ba69ce777f46e72edd150e51f4b96c4eb1310315c2d095ee35f56999f5c3

SHA512
9d2c21465b91ce57ad2beaf50dc3462559a96612266a074824a8eddc40476803f5d51163bc809b70e44c2c8797b829ae745203a156983bace206383fd95ad21b

Download Submit
/data/data/X.God.X/files/PersistedInstallation5939755982256538058tmp

Filesize
90B

MD5
810e70a842ff04603c6b99b18f6d879b

SHA1
ade339cab2815b1cb7bc664f3d734454b2c117c3

SHA256
9466730e87e8393002eba5317ed7d19f4a9bf121e63f83e3acca1eff408b1f05

SHA512
8df69adb6a6d32b132e3ce13336d7bf47d1e24bcedebeb11876797bd7c8a65cccf8ec8311c9f846d35bdd6155289b60c4e09190b8aaabb637e82ae49a3de08fb

Download Submit