8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a

Analysis

max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-07-2024 17:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a.apk
Size

2.8MB
MD5

4c307e6962c91e6ba9a7a85f662f5db5
SHA1

c76926b8d6af7f8718510c200f2083f842ba1ac7
SHA256

8e00e43db6939f7aa53999cc8d8d687625c42a1c707ca74b9d540514cdc7d65a
SHA512

17112c92ba8ad9a36ff8104b6102d33308effc4f520f3f430b2dc00ffd50b1efc4b9ed6b675597b57b9809e805ddaf99553069a7882e62f0c6191c85a4e52cc4
SSDEEP

49152:uPSe9096pV6rX+Q1VpBaHoIkoo59X9SABZ+nm98mFBXAwtWk0ESkbU6Yf:uqe9b2rX+QFMIIkh9tSABAngW6af

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4507

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6298b3b4c7bd4712dd94b3ac2ac93449

SHA1
a09ee5fc7fc309396dcf6c2e8850edd34ad30530

SHA256
daeb1894720225d755c949dd24e34833c305538ecff32d47f8ba402ea7596c08

SHA512
35fc7b8d55a5990422198a5e5db26c5f2f2150f6188cab788be7ee83a2aacbafebb907e3dd951f0c7a2acb9d87e57ebf91a7180a6ef2195ed4bc75e7a07cd237

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
03ebd3554be7d40affc1fa1d6ff37d5c

SHA1
4e9456c4d5c6fa3b32980c3212c3d08b453c5a42

SHA256
0da2e5400fe7377a0c21b8117eb976656e601776fa7adc085072904318f26e95

SHA512
f7cf3dbeb8c03e222756f4032f9760f140802699453394baedb2cbef21beecdd60a5d55b084da067e21a207eb5200e374996e76db5186abb81fa158ed437053f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c2a53a37b54aec32c3b01f3c87051130

SHA1
9d3a29e93e8c5cfc1505c9b371df1a278fba46fc

SHA256
4f42544d53787318bedef9b80c561741286dc9be22025710ea39f877a59aba12

SHA512
9963e57b7593e86b6a35019ba8b27a1ac5388751053841cd29493b8f066fefb9ff033d0fdd47975ed142aaf55724e871e2a74074f8c540124f6f303456ec256b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2dc193e98c38f50f2881062f6a848a38

SHA1
550d28df83c2b426da7a07a7b0b046c74c5eee30

SHA256
6576533917fbc44a694745fc50bef8c402db92e6323e13295cc24f9734d6c2b3

SHA512
a6fb175ed2e7535092d3c56bcf28fbc764cd759cd03b76304f17fdccbc41ef468aab0862c10ab121619c0e4e8778a8713605f44c5efc6031cf9e10896955c401

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a41debfbe8be82cbad43d03679a8494b

SHA1
c2ee4035c3016165005f05127fead8bc27df6ed9

SHA256
63d7646fc8a7e56424dbf4761f7a3bbd9030c7ef02fcc2a7356d3ab2f5a9b472

SHA512
0483b22a60f34bc37718a426c63ed5c4c30eca22695e69daf7e3285bf2be9790d89cb59c33efbf36c8f8b3a1346d2354b4a364dba0de69e6bbe0362f0b066766

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
199ac615755b4ce8f49bfcf5897aff87

SHA1
ed214cb25e2e06ea9153c96f72a8c8892f3b3ebf

SHA256
aeb3e0ffe2629583d23d709dc0f356cf1f5e6e6f0a60b41ab1b63ce6d9eac64f

SHA512
cedbacf5299360b2dcac8fe3b2b8e1dbe6bdedf712185c9721cec91365e6d4f1fe642816dc7f852962e65a1f9f7d1bc47fd6d1a6af1c4189099719e54eaccf3a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
65d9c2ee1a34f542e0ca8b6eee9bed8f

SHA1
04dbffc06fe05e466b7cf487531bf9a0e3a356b6

SHA256
0ae53dc0e9452c63c22c545634c730f1c5720decb795a935daadf9f3b2e2f425

SHA512
c4ad60174a8b73893a3939b046e7714374bd20491ee3d5f1897323653903fd185168c649b5c19e537a1e327176239fe218afd50b8f7840f4b7d1ed9b5e226014

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b37ef703a54c00386fe3c94bf5c71ded

SHA1
4784beac123881b07a1d5f21664817ebe4f7d2c5

SHA256
469811828190037b8e82b00888f14f7acbae84cee5364e22ffc2187906fabafe

SHA512
46ff7d2f8d4414e4e564f590068e8a5f25333c0510ec024b5d5eb2f2c8fb765c44d868ecd5ce59d855340015e1472b9ac511f7c035fde09adb3fef672eac6d9e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
dd00e88dc6eb8b11710d2a4afb29ea45

SHA1
466503b85753faaa2d5740ab893116b9413c3dd6

SHA256
768fa480148f525f7de48954a2013125e24c242a74445cb6bb2d3022b0b21527

SHA512
7de57b19adec680ac29e46c50cf32ca435a7b7ca09cae62be601acf3ec7f8a0bc2630043eec410f5f9dd73174eff50ba3a1f2cd8ce756e16bae33b5d7dcd92aa

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
995188f15309e81f94fe4a8a503cec9e

SHA1
3c0a5a60c9b33cb8f55affed3850d70d49cd0290

SHA256
fa166d3530bb32382aa1a20c716bfbb9f67d0c51d359f2e9d18c4ffddafd30f8

SHA512
cce22c35f07ad01540c7b41755950e32e6ebf49893581dfc926bb04754c7516b8f02eb36c5d086deda59dd8b12210280e7e37ba4d425804b5a0cd22b3a7e1f81

Download Submit
/data/data/X.God.X/files/PersistedInstallation4949398951995580200tmp

Filesize
570B

MD5
f18a2e8df5495159492bc7509bd52f05

SHA1
075bbd0b754559bd237749fdc891baef5c30c41f

SHA256
9ab96e866443ed00f379df2739c0d97832776d9c2c37727da35feb8de62752d9

SHA512
8a79a9eb998f3d0092bcee42b44fb8325af5e4cf192aba6ba063c35d389097c1b9110bd22d5c31cedecbc0fb243e79ed44dab1994fc2824cf719e5e8598809e3

Download Submit
/data/data/X.God.X/files/PersistedInstallation8630193643665727277tmp

Filesize
90B

MD5
30611b8ee81fa76642cd265b3d183b15

SHA1
1b8126e69ad725d6445fe6408a0daf8271cd9b5c

SHA256
75f6e44a315f5c1a3c60e49419523ac94d5f390be5959cd0fa32d44f864809a1

SHA512
9e24d127ec64bfa896077889ed05e3afff7ef52981a6fc7a428e533f47d891aab42c4a2a25aac2d72fbce9848bea8b467be8a9cb34dbc529285055f07d90e535

Download Submit