Analysis
-
max time kernel
59s -
max time network
184s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
08-08-2024 08:34
General
-
Target
app.apk
-
Size
3.6MB
-
MD5
4b7437e4617978c96fc5932b868fea4f
-
SHA1
bc064c601906b25374b0a84e041e74057c6c48cf
-
SHA256
e1fd8b7039c0958b3c60b52852bd339a6011ee45f1d8aea23f3f3b5cad24d0b9
-
SHA512
e517721e9febff4741f5fab2e1df795c14f69c996397b6dfcb689258cb440cc4ef38e71cc549fbc243d420868873d2498fea582739bc1dfa9dd271e1bfbbccec
-
SSDEEP
98304:NhgxDJOzORUH+OiKT/ZxilcSvVwlanPV29JhtC:N0lO6RKxTxUlcUwmPV+htC
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
-
Acquires the wake lock 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
X.God.X1⤵
- Obtains sensitive information copied to the device clipboard
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
841B
MD500ca8019c1a17d883a8386bbca91e67a
SHA1480075fac1ffc86541b27bee8018c19e15b505e6
SHA256c6c122d7f20674edf7bebdea1215e6782b87473e6867caf45a606205f25bacbf
SHA512fde9dd88f2bec8a0ce51444ce8789120ffe013f1eac269cd01660e9ec26a84960f46954b00c1fcf640bf326befbf9fd8b5d07d949a44ead736d03daf2c1f8ff2
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
16KB
MD5136f3a66b7a916efaf36f34d7ad42ba8
SHA14282cd5b98675c540c81ec7fae070ea4fef52b38
SHA25606a06ade2735f0ef78c96bdd812533ffc9836d7ef03823629833984dd24c916f
SHA512f8741b98a9ef29f494120aace817f1bf2d437656d0a60f66ee2d05beb711a940c3857154fe5b1da1d9214fedb2098faeef7055d0200f76fe80a71c6416b8553a
-
Filesize
16KB
MD55cada7a8adc5be855c6c87da0994501c
SHA1ba70ea4ac14e3110a99b7ad45ff2ad9c52a4f98a
SHA256debaaa0959bec7a2bbf5fc8bfe6376ab3f50117c18160a7848141889903e24bb
SHA51203861d7e5b561f1fd30c5f04683d37e7a5a27d6a8ab9cb1f4f80e4fe9675dae08b44f8a3d1669599d735f0db2c541aa23a025217762df8445b09bf6415b74f85
-
Filesize
16KB
MD521f3d5e8418be13ba0e4f01ec91885c5
SHA1411aae020bdf4df3b4ad5e65dbe23e8fb48d4e80
SHA256bf3f557ce008c472cbe10ec8eefcd70f026a7cc70d6f639df118c852f0b27d8a
SHA512b613d942e36ac1a43ae6ef8f5fad24722482dd51c2aa5fc33cd1fbaa1dad8b5c27ec7a35b5da847206c18802cc3fe2e5ea6be28f5e3b4b72691a2a51621590f2
-
Filesize
16KB
MD5b00c4861e0eabd86d904dbc22edb12bd
SHA15dc8a6793ff36922c7674f874c7d2c89dc8ab671
SHA2567d60e572f91057d06154502c27f199733e25833afabb99575c400e4a19eccf0d
SHA512491e30d8cddc3b80e178393d04619310de047622499efbb57a86906bb6784173f0d069f24d45e0d7fbc040f1d2c8f364fa95dc2d896a7230d12e30453ce1280f
-
Filesize
16KB
MD5adf6082723784327d7d1b34adf974e7d
SHA1b1502f70eb881a1dfe41139cb719fefb877ee37c
SHA256252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9
SHA512762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b
-
Filesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
Filesize
8KB
MD5ef912bd7d59af81bcd4fc7e1ac8f8e22
SHA129949c847b07cf17bcb255fdbf93ae4842955f11
SHA256761ef406d307a6b287230b8aef2e984fd0ba826874011e8476e5cf63b2bac9db
SHA512bc5e8e995da760c8f118bacd5e21f8d47dda1b4a47432229ef3974fe9a5ca5ee8e0ac55b3263aed95f1806935c04bf7d0aeb626748d9f1d43a6ca04dc37d7db9
-
Filesize
4KB
MD5b5152a253cd26eeaf2e12f10c8d03c79
SHA1ddf8c7089163e78dc2577b5e71a921c6115088ba
SHA256c58ac0ab1ef5785e9c921ce512fa2f2cbb1e5ba4cce90b826b51a168ab7b36cc
SHA5122a607fbe54abb4da5c160837a0a42e54160fccbee5a34bb6acd6f379b448732164c70869a879341a076574ce6fe54c064f81b48f6bba572ed0f15290389362da
-
Filesize
8KB
MD5b7ee1b29ba56fc7a9b45e9589ddbabb0
SHA11a933a2e9d59c3950ca8e17af9bb618cc5d5735d
SHA25654cce5a0a27be9c60f57ef207b7414ad9893a52837299c42e8b4cdb4fd52be41
SHA512ffe81bfa7ae2b004e9fcaf49592d008a283272a238921ca4dbbc0314a6a0cc77913c29b6a3846538bc6dee349d5ac938b7fed496954a521257241215c3763a06
-
Filesize
8KB
MD5f90ba69557f596446e0bd90ff99c5c1c
SHA1ea413952285c8a70467280d666dfd2c21009ea99
SHA256e5b4a2ee4e50049e40ea99425d33cfed6d20989e7e211339c6e80e416d3d4597
SHA512175bcab5f3a9a8772403e5a58e6715136e911359dbfcafb2b009ac463386babbd655cfe580a43d0a3f5ebe6afad6eece3b44927eb1e356421e35f12017b65a8d
-
Filesize
8KB
MD5ffa0f3267a24290183ad32eb420836c3
SHA12f1353163e132e8fc09e298581afa191ffc27a26
SHA256ffcaf3dacd30c4f53da6d74e9a58a59a4bc165845dc66cc7e4b0f36b4c1c6a4c
SHA5122b18c5ba20c82c66062949d21c318f445c56a34ddbfb720ac659f1765cb4ed135c2add1cf0d33e8722f3c14fd848e9994c2978e32e816b58e66e06011132e1ff
-
Filesize
512B
MD53b1d70d6df6e1448ddc2aa2e6f23621f
SHA17fd73118f509c133fea2a35b6c182b5064c82d1f
SHA256810f41e5aefb357d2d013a44d8b3fe2fae806ced0e85dcaba7478434f3afde84
SHA512ba50bf2c575a4ff52a9cbfbbf99571d28e1b3c2949e05a09a3979c56a755dbbe2a6c5db77830d1694551bf73e14985a3023e03a6d373b20d1e472582c7416cb3
-
Filesize
381B
MD56f1d334c9695835852e19ed4163e6b97
SHA11989cb808fd3e203eb77f8e00a8d4f3794dfda91
SHA256a5b0cb36bbe9d80a6b8abca5d2364745e93e6564b3701db24144aa2d4a1d05da
SHA5123da4f14bef9e21f213fdbdfa6492cacbd115d129e258bcf5ebd1d64bf9bf97bb8e446d3378df82e94cf2a839b84e8641e57154b3c0b02b83467cc9fb6a926ad5
-
Filesize
90B
MD501f88c80eb457e7c9b4df7578952d9f7
SHA1d3fc7a37db642fb8c2d54e679a599e5896d290e3
SHA2563f41e89eda430de88a4cd571250414b49cae6deebfecf756a0ffd87caf2399d6
SHA51253791fc9938e4323f787d7880fdedb434f608cae39a22d832d5973db3441820285a2a3f9d99cb2a4660c3998662edb849d533e8a958dbea5601da242a05eeaf6
-
Filesize
566B
MD57f4db9e6c0565281e3de9b773f0ac455
SHA1bdd2dd424c02dc4a4934e838589c9c00a7cd09e5
SHA25610eeaf164fd20b1e4fa45958dcdaf024e146432b032083a9f85e74e9a4011f58
SHA5123825b7f462364a5f820e0256647669ae66f574e2fc18bb68328245991a2546f4fc359e42988a776b45a1dc5fe161b5468aca95d27d66a1d266e49d50109b4cda
-
Filesize
6B
MD5960b44c579bc2f6818d2daaf9e4c16f0
SHA145e118d0563ea8581f830f46e85b60ae714faae4
SHA256a7248eeb45eb1ce247f81693283e22e8b39e8a50890cecd22d02e75025547d90
SHA5129b2ab664b8599c84637bfc6d49a7b7b040fb25dc1c522942609d1945ff51a89e9cf15d400ce082f1450ea028cc30843f3d38ae75c1eeb544ef978533e6ec55b4