8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-07-2024 17:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
585c254804823335ca50cae53c3586bf

SHA1
bf841bd2f09d13c864acefaf6f8ac5bb8d763f69

SHA256
7382eac2fe4b7ab01a203a7b653c6a4f115540e485964b81de96d987e6a3a869

SHA512
92c4abf121dee42706f162c35be7a87721ee303caacd518673a2066ed836225320c141fbd6ba04e4229a6ed1eff859d1ace4aa52676eef22e0db30bb6200260b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2174eb70ff71a26eb2a21945aa30ebc5

SHA1
6372a87ad043d10791c749de2206f8be924e6bb6

SHA256
d4b722c54dd409592c0e4f7c9b8212c094d8bcc1e1e118ae036c5d6ca2a688c5

SHA512
81197d6190c7d58253e31119e25205462f969c0074f676b03c6fcf0123795993a73b3975ddb436d943ecab8673fd66ad248e2101d0995624d3eed9de17e912d1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
977f91063e578d916456a5bc26803d5f

SHA1
cc32249a6e5cadc8d38c33e4483bf714d424d9ae

SHA256
bcfdf5ec2d4884c92afb0572a0b20a55c0df0bc7f0e3bdb3cfd37d7a94c13513

SHA512
76f7ff2a13d39b045cb82defd549b7755c0ad9f62fbb0d31185217f67d030e4a7a65cbe34292b96fd42e6f579d49e2378f35a05903390b9320cdfbef5317b71c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8da28e46708d92b8061801ed00423dd3

SHA1
1dfff5316b2cf0b8abb9a5d51cd04262d26eeaa3

SHA256
d14c63dafee7764c3c5ba5da8294348814fec2f9ba3fb1f407ffe5571ef56049

SHA512
c92b93fbe4cf79dfe86a591bee80637d4467ba4b651b6713ffe9e7598ff14702cc771a77749f553007390d31d19e07424524d0e77ec58b587358c3b438ee685f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
3bbdfcc2ae25f32273a78233ecad3f7b

SHA1
95c9245289832f2cd9724507cafe9157a49d91bd

SHA256
85b322a6c67206fd1a4ed2aa7239dfd795149a002fd11942c7a30bbcc6513eea

SHA512
65f5d82bf809d80a3d660138e025f1f17a356a23d0fd0392bf414f006f0e83235b6d48aa14f46b5516a26c2d4856f7ca36ff7baee580d00fd1ea5ea30c981e41

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
12ae3f86735e3da7df83e2d36bacaad8

SHA1
bf9d3b4163bd13dadc22fdb2544ab108c56e6daa

SHA256
064645ead29a87bf84ec4965266895bd69f18329ae1466e59cc5bdeee22309b2

SHA512
ffbbf76e1b3bdd77a82bf8d31d69563518c6350925c5cc2366dfbba5e04d3500c92efd80f80113804a7a30d4448aa0d027ea9a2f76d3c7a527edbe1b3e7ed221

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a4ccd824f0eb9629eefaf31271b3cef6

SHA1
ee3daaceaf5279bcfb3e928532b930713ca96dbf

SHA256
9195b042cbcec94fc55b324ad4d36890818cc9960aa3cb83d2246691bfc5ba1d

SHA512
9e92aba911cc6508a728abf7897e828e9526510c1be41a9ad1ed7620ee4b4fe81b5861747a271c91e3905f34458b2637a3d321851647114caf39cb737f6a2b0a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
74b6f9a6dee953f649fd14956d01bd77

SHA1
75174e4818f4186244d780cad8df518552293a74

SHA256
d071a3797d087623311c938b380977e9ec4cf7e7d522b511be9080b84c3e2413

SHA512
7acabd78a9798b1b83723ee8c299fcbf7545f80ec1018455da99bd619391821a842fa41304ecfe8572fb26b730a4619ca67f2682f55ea7a4152b1b7ecd1d47e8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
521e2f5d0af1f27e3ef32dbbb284a470

SHA1
b6c4bc1299cf6b8801c832c61b40b31a66e17794

SHA256
95cce16d0c25e68947417475bf70a5ab9e2ddc7432ef034385c279cf83b72b7a

SHA512
aa986e0b3c0c384c342e77095cb2d90f18d40e91ae7600076019b2c7f91cfd4a63228a579638080589dae08a9d2661a2952a98dce546a05a805036be04df515c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
abd26ba255593f6ae392847f99c0884a

SHA1
b7e15319c4f613176f4e35fcd230ec48e2b6b2fc

SHA256
98406c612d698c2db9b96cb934281123c3b103a6678489d95bcd5bcf25006b90

SHA512
ac656b769401ab8e73510507f18a1ef842369a4bf8838871dd96502e258640100980b98d637d0be4a5043bacaa6dc434dc2b1799ccb929805d349ff86f2f1b03

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
4595ca308078d7f596a573ec312a9a96

SHA1
61c6f675f1a9a4dd2d19932bfef0df501f97c631

SHA256
4adf129adefa753097535679d724a5cbaf6e330c174594fe01e91e543d5806bb

SHA512
0d7269600074eabad522935b2101f33cdebc290e7973a8777dbd23d52b4b88fcb88431597413a38a1b41119d1c6a668cfcc6a995d3a7cbf9777654914af3b103

Download Submit
/data/data/X.God.X/files/PersistedInstallation2793583717826583255tmp

Filesize
569B

MD5
dca4fbe155240c5997a6fc81ef9efb6d

SHA1
6282443b5408910aa9109b6d9389c92d722b4de5

SHA256
a73b385cc4342e560cdab3f86758103a82806adc03a881c1042657e462283eae

SHA512
db2b79ae65c6bcf6cd336831de0bc1cc5bc86f4ab436d580dfd81a16e946813b7c1a8ef3449f94657456ac2bbad0dd36e35d0ac673ecc277b45c771a38315d01

Download Submit
/data/data/X.God.X/files/PersistedInstallation5634113566075326284tmp

Filesize
90B

MD5
dcaec368cd68593c7ee6e38aeffe245e

SHA1
3a08e7159b2ca973e53cb5c7fc24288b2754b36c

SHA256
e1126df65039a3d6903cface12127c998754de6649cc1bb5c83a155648eebe25

SHA512
7e32c392b7df2db8f4972b8f3e2cc4b9b75b89c0cf5dd59a3284a6196e9eef3e3be37ad1f6e8b3c3604e7f3bc442e6ed465a99b5cd11028fc57c426e8893d677

Download Submit