Analysis
-
max time kernel
26s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
10-08-2024 10:15
General
-
Target
base.apk
-
Size
2.8MB
-
MD5
84164f77738a604232c7e497103d7b80
-
SHA1
5c466d6e0be3754e8cab2ba2139944b8d89ee749
-
SHA256
c03ebd3ca7deeb2d7de27a0201aee53298f0810755460d30fb53bb85a5c40ac5
-
SHA512
74be9810cd4e23b411f6804904bc54938f92d2f5bf44abec16a825c99beb77e224524d2f24ecefcb2a05be95142c7134907185c41c9dce5534cb25d59357f8d8
-
SSDEEP
49152:/wa6XjRtCjJQ2C0L5jpUuIfvbnU2Ek8ocBlJixY+Mspv9qcXzqWC0eyeI2cyzVZV:/7SjRtCtlppUvnjHcB/i/v9qkzqWC07u
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
-
Acquires the wake lock 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
X.God.X1⤵
- Obtains sensitive information copied to the device clipboard
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
702B
MD5718bcee2026dfcd3cdb2936362b2a42e
SHA1e6ab0a166b26ca4052b8a35836a69ad756245801
SHA2563c8b088387eafebd5580565031a4ffae103f46018ebd3d46d728e5d4be7282c8
SHA512fcd11e281fce25612d38673f53ddc405d67bd21d2ac57f8ec5afea4424231ddb666d5c9e23cea1a28db05e7712b8184dcbb763e33837297a9188dcec2bb572f1
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
16KB
MD582e177b6c8f292f06ef93bd79a2ff682
SHA1a80ec9ca93b72a8d9a49337554e732d8c4984d43
SHA2568da15d1d057cbfd4107929cee8fac4e18efb6e00007cdbe7f4c8adeea2a8cc08
SHA512b0b1d260173d355f0d62ded037d4e161329e6cf905b70402b45519249cb102fcc3e8988a4b340501b55d8616677a81781073ecd224ea483e381381b28c7182c4
-
Filesize
16KB
MD543b65968b64552e3dacf517dd2bf8d76
SHA1aeebd6da8a2745664e71dd9bdbced574b03f5d74
SHA2560a03f726580a73aee5489a6077b88bfab1cc87f518085b08ecbf99772d3342ef
SHA51278667d662cee9f1a5df66b972e94f93e720d88e5b6b0f287a939d14d64a43d6e0ae1a2b93a8d4b50352fc992ff8f7e15c4bf77593a0b9aead7cdec4032d9d58e
-
Filesize
16KB
MD50b6a6cef638388c53174dcf0fb209017
SHA152be0bce8badbe77ceafdde829382bc4b3b204ff
SHA2569fcae4b83c7dd642b2ee3b39b1769321837cbb09477ac7c87cbd23ab7d3e2d6d
SHA512b8ecd8a0711b6df21ee22d3919e53a74ae2e15c5a853d38b2e203cd8e7d14f3782b30ee447e50b2a798c899fe10ab647bf9b568d1b40522bc3841b8f4737952a
-
Filesize
16KB
MD5b1f7730ec9c3a20afdb0b52a54528820
SHA1f3cbc3896d6a989ef77b8c3cbcc5d470e744643f
SHA256f3185c600321f7c12fbcc63b40b3779b5fbdb5f6934260145958b607022093f2
SHA5122577f24e3c8d7af9329d8458f67d6ad6a10120f981a0515034c72535ed40ab476f3fd5456fd5862ecc16cabf9eb35def5bf6915a0b7a1dcb1d9e0623447e74e9
-
Filesize
16KB
MD5de82e2c94d2718988804b035a46d17b1
SHA1705f5ff19093ad209f2a666085d6ccaed3bf58a4
SHA25629110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39
SHA51268f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
8KB
MD5b3640a8a5c7c78e223a533439e558ff2
SHA1ab68b07fc9cfcafeea7e39ddc0cc22646de02652
SHA25654df962ecc425e96919dc57995d721c1ffc77719b8f0ea4822fcb2057b47c4bb
SHA512588130d7ee4381f012317d22f24dd5b39e74be1c68a985b85c21c9dc1cf6ed35bcc09ff3210a7738e63604c6af0be27ab671bfd78d7e8f41aaf01ffe811e6f4a
-
Filesize
8KB
MD5a6baa1e590e7231915e071e77520aad4
SHA107455a28c6f5268dd016bda4a5970b6e72c7d4f2
SHA256b2dd113520240220b7dc9edddfd9a1eeadacb06fec92d909fef17a8c043e4d34
SHA5129aab3f95329d63a259e59a817d7c13c5906a330f3a8e653c0a9cd393cbff6e8000d63592cffcafcd0ad4b0ee653547e73eba715a36f1d961515d034c1c830869
-
Filesize
512B
MD5672fc490e0360a6e83b58a2ce31cdf7e
SHA1987625364ca2a998d18f94b76665ce9fc602db22
SHA25652021ee60a8b9be9af39fa3edc3478da1b70598f446825325a00bb2d83439837
SHA512742d51954a3814fcc8940bf249bdf6689276a89cb43e3982785f711e95a9329ad67f0cb58c822a9a62b1e4690b67a3e2534ccf8d6626c8f3b80c882173e53565
-
Filesize
8KB
MD59ac98cce43f0079e21a56831f1bbc391
SHA164cc5508f74cbef597f0fae65c788ef666bac270
SHA256f8523c96895f31faed4c792511f78c64f3e02157e777668e22beccca3ee34e28
SHA51238a58710bea23e01ae1bdb33975758e46fe16ef25ce58fef31ccfe27328e93c2a482b3130185f73713e1cefc184ba3970d66fc918fecaa03e006ee0e1764a442
-
Filesize
4KB
MD5bcf544f79d018f0e925830fb08fa320e
SHA16834c84b0e66e076c8fc85f5fa2df0accc9fb0e8
SHA2569e674d7e2f9dae66bdfc7ac0548ae9c69ea92642ad3935263c8261bde6a48edd
SHA512ef4bc181f02d342455ca27811d984395f7e726569d7cd25ff5ebe4d8c7757098a27640712cc81caaeda2d932acc7b3a8489a7837840bb06e0a1e6d7cbe6eba4d
-
Filesize
8KB
MD5c19a45865d041af075baa6aebbfa6a39
SHA1011eb3df7b79952f1d54249f81b9a7739d381c94
SHA256eb99cf23be9482f0095491b1057370858fb1f012318657e81515bfaaefd7292e
SHA512d6c0c4912086ccb0347c0f071ec743bcefd3a54e4cb2cd71c6f349a1b285569eb29ef41fb3da0c46dc3c3cc9c048fcbe01d104847555098b0b436171e808d795
-
Filesize
381B
MD56f1d334c9695835852e19ed4163e6b97
SHA11989cb808fd3e203eb77f8e00a8d4f3794dfda91
SHA256a5b0cb36bbe9d80a6b8abca5d2364745e93e6564b3701db24144aa2d4a1d05da
SHA5123da4f14bef9e21f213fdbdfa6492cacbd115d129e258bcf5ebd1d64bf9bf97bb8e446d3378df82e94cf2a839b84e8641e57154b3c0b02b83467cc9fb6a926ad5
-
Filesize
31B
MD5c8228aa1d400c839f1d60a60077be03b
SHA1b19ccf8fca76d532a57f1218599719a78bb7ff97
SHA2560c71064b8b93ab709f94413fb4fdfc06c38dd71286fa31b9b90224dbf7eb1028
SHA5127587003996644521a40f73cfb8160d5cd8bef3cc70eaa60de855e3c7e5db3ee8b19f35cf05d4e6a9f8925e86426339d78f6f6b3daad646b8bb9cd3699ea503ed
-
Filesize
90B
MD5cfe0c69d6bdac751d4198bfefa60e907
SHA1a67176f10d0594ba09959c74c988f90199fd72da
SHA256175e1a70419463523e3f525726a23c4f9a8be94c3adf89402ad070acb7f01237
SHA5120071e4941541d16106ed094918226de92d0f8fe3cc44060554838445e0ee10a589a5ebf17c8b88c7571212b13edd447af5190e8fae4d2a45375a5600bde50e9c
-
Filesize
570B
MD58216715ace81a1e6e4b67f03b5c34264
SHA193394aa6d5e3922265a156d2661b3981ee5455f2
SHA2569f5968da5936bce1e719dc0df0d668a5e22929ae375124b05090196a6058b522
SHA51261a32a67ce27516f61ae672dc3299970a35ff59cee752b6eb4fdf73b605a2b9a8dfc4bed7f7e979e2ab37dbae842e734004b5553ba58445423a1999883eaa670
-
Filesize
6B
MD5960b44c579bc2f6818d2daaf9e4c16f0
SHA145e118d0563ea8581f830f46e85b60ae714faae4
SHA256a7248eeb45eb1ce247f81693283e22e8b39e8a50890cecd22d02e75025547d90
SHA5129b2ab664b8599c84637bfc6d49a7b7b040fb25dc1c522942609d1945ff51a89e9cf15d400ce082f1450ea028cc30843f3d38ae75c1eeb544ef978533e6ec55b4