8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-07-2024 01:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4490

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
040209f8c50ba87e8d85ac721b3a5d1b

SHA1
3e7d0110af5ba0e8dc8cba9d1d2283daaf8cfb44

SHA256
7b139c0a919f6b749e471e3b6d6536727ebf14f282f4be29b99b3e3e41ec5ebd

SHA512
69adf3bb035a65183e1e9d967b24200f596323535fa08c7a9e7009ef8061e26b604e7815d2417f2aec23e3bc1cd2084fa4da40a958fa3f67bb7a219d06bf3667

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f53af7c9c1505e0ac82ac3270d2dc8b2

SHA1
a70ef2537e36b8ef70b7f2c728bdf07400a3866d

SHA256
1f1bd8fdbf7351116b949fded742655cdb5368d98fe8f42123a657c19d86a74a

SHA512
9542f76c4b55b4c91aa60341599c48304938e5e0675ab14a009d957b22816b6b9263da2f3f68a828ebd37a5d0c658a3cf64d81a4dc8d5c2b6b9ab38c8e628929

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e1359c89f7745f591fff906c71cdbeb6

SHA1
f71fd0d3444c26af9c684cff606978d2a6b62610

SHA256
a06d56df28475f0c06530df2fa2f2ba18142eaaa8a2e46d9de263a6ad1a0f85e

SHA512
49fffabcc2527627cd97220955532cdbe2e25b6988192741f384d92af4479d091df2abd73fa37ef1c5ba264ff63faf210d6c2c69aa6151be47a69a09243c8d60

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d03f2a9b0841d156e03c052f0d06665f

SHA1
a89234d872a94d465ef0e15889d5a1819be6d397

SHA256
bb6a20b0d7007fcdfd9ce727bd134b06cec72cc302fd31d225abc87b4f054677

SHA512
7d89e8ef5ea2ea6fa14141b8a5dc63d35ae0c419b7a35605772a867edfc025f220fcf2e0b0e23bc19510da995224cbede0c413beacc281f63fe7f494205f07bc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
402cea07033c67de7e248f73cef559cf

SHA1
057f6b343a6ad3388e3bcf711f3e0e1672b03689

SHA256
18c84ec16c70838f1f49187264eb0c956f61da2659dd0f4f61353f1acc34843e

SHA512
af20fd3bbd5c4dbf1fa59f04c743af9090fb67d8f69d5cb5583bf055afac0313625fffc7ab9c69dcc7bf2a03413f845a60971cd0fbf3ce20e80d7a322bf5daaf

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8fadb08e89795c85deaab45da9c0d0d4

SHA1
193b0b1021bc5cc824c22e9843686f8d9df1381e

SHA256
ddd754bfb58ab9a3acaa0017498aef2eded9845ee18a43c3cdcb0de9b35867d7

SHA512
7aa56604e09586db910d8702474e80237696940d6bcbe5af42e786c9d110acdcaa75379417a0b80b269847ee3323454a7dfb58e4c9738c7771f2a43059d0ec97

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d2a0bb6ae58ae5066a66af4e1bef63af

SHA1
3bcbd671a5a31d5cc7ad3e577c52b9ebf49dd9de

SHA256
3ec4f417a6f54a586f8447328b131c6bc406543b0ba5c9e8755def3a88165b9c

SHA512
6b957599125587494a0de6763c25b49228aa2513b91417874c89e27c0e728281fb8e85e22a471b7714dfe5f83137a9aa67f915b4dae6b83ab83fef5f4310c216

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8dbc0d7cb5962742e5a8b8c81e21d15b

SHA1
aa2de64ae27c148645c667353de0be23b71be26d

SHA256
6be4a80e73afb1f5744f62ca8c48d622d63d815e4ab59565aab272c002918e22

SHA512
a5de60ac6c02c431554e681d6319f194e7325dce048f1bb32105af7e327f3cb213694302f4c19bad3160ef5a69f7f9f0c1f503ad6fa1fc86d6c50c176d806864

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
bcfa34ad88dcc514732bc60228457320

SHA1
4dc20e94e29bd7ec3885345482dbc441093dd952

SHA256
a255d566b4fbb519fde4a121a582ee356edd241594dd072b1124182b41789100

SHA512
c4ee6a727efc38654ba95a95baefe428c42f40b450d5ed61ea247095cb0f98f173b531e43687355fd1cbc74ca7496f7dab33bb4e213163fb212c15554e0f8d7f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0fa9813c23ec6b59c7c1e8d734a9cc8c

SHA1
01d8b74cf417556d4f95676621b04b3112af5197

SHA256
cf4f618a8f123cfa2bf325636ac7ca66503b37dec603ef5d1af7c3d5b2661a92

SHA512
ddb79b72ab51b150afc3e4791af00a975ff43dcb7b7d76f715a755f4c68f5597ab319eacc9990e4edbcaa7adf0f810c7e351d234e56ff4a9d0c48ad353d32024

Download Submit
/data/data/X.God.X/files/PersistedInstallation5673451184303993553tmp

Filesize
569B

MD5
3f4740bda3774e31f18b487f00be1c89

SHA1
fab88318161840475ba4922a4f61a85dee796cf2

SHA256
1324ec43e5f47d941c8c1432732478fb729206146416c520d905be39cb92e2f5

SHA512
fd2c0360c12ff217ade02ee1b649d98114f53651277ad08053c3dd32aa21f44f98684f2cd12f7daac5df8ca6e099a023fcb616ff7834a04de80394394c1ffb1a

Download Submit
/data/data/X.God.X/files/PersistedInstallation7901515343624752292tmp

Filesize
90B

MD5
b661f0996538f108b6c9195f4a4e9393

SHA1
8411faf2041a95e7e694f1ac7a43d0a5df8da6f3

SHA256
e9d21e4d5b68349f0752c0176865d805923d279147f31ce82e76422c621bfcf7

SHA512
33fcc34a0952c9ba3ac9e115c99c374011a0e236f6b8bcecd88bed0bb522ac60957ab79f3201bd14c5dce2a2351931593b600ad171cde47501774673a7b0d566

Download Submit