fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9

Analysis

max time kernel
19s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-08-2024 18:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

7b39bf11b45453c54a771125af3787d3
SHA1

cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512

1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP

49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ca7db0401abef726c3cf06916e0a1973

SHA1
1c053fe7097b80f204566bc667c4d4180ef704d3

SHA256
d4b50900600cf471122ec7a234bfaf2b9324b3fce58e5ee0e54489cee36ab25b

SHA512
7067ceeeefc01ca0131d10fa0f4fc1ac55e43a77ca7ecf57f59d08046b1008342c266a874635454042d6e20c8266950a866acade91b01be18711ca028614bda7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
152a37de3bc44516c5f19951d4733c31

SHA1
9f1a83d1215593b13894f8162e3f9f46662797d4

SHA256
2d371d00e1ee50a4963860d613b868f92b642d709307b71c561542025b4c5539

SHA512
3eb14bb0f91e7be20e097ddcbf15a2971f941855c9e113f3f93e881cdd10a02ea5e109531d74e12e8e325bda5f197254da445530c48969623110dc5d9454e016

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
27cb96012018e5b1360f61eaa7066150

SHA1
ab71df5d36468edbd743a19c28377c9940f3178f

SHA256
319f2c8f961838902df345d39db6fec4d4f7e6a4f15388aac34ba310120de697

SHA512
588bd33996eb849281c6fd0ea261e6c0fec2da097844f5af7801abdc4ffab0afb2d033d1d22efe5898337dbf4a9ba6d6493aac54189b341a8f9bd5a42d806714

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
86ff6f7bc813a32b45612935d028db8c

SHA1
53d2ff59bf9e432307921cb547ffde2718ac90b8

SHA256
da2a482c102495942b9c931b395412b88e374634a00ba232f367c0813b8fc3d5

SHA512
4513c81e19226d454edc0a5368730ea7f3c0004d085f1b33ab8bb287ef57bed68ae715d97598403a934e899e236170fce1021046ff9799b8412e072ef32cb9ca

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c1df3224e8c57d8947d2cc5a8fc4d3ca

SHA1
fd251a96ea7b7ba5f88d8b2d45124b33609a0ced

SHA256
b582298d19aae03b149d452be54dc82aa293254288446db864ad52c2079b98e5

SHA512
e67cd08187709488a3133b1ce14c2ffb4bb324170f2e803082569992a8a603c1c6808d2d2978855131ea9f460f6fee268ea797228410f382f4ab055b209b1e4d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bf9d6416c43a1dda0af9d64708ff76a5

SHA1
b4c8cf55a8fe05743799510a649d372bafb0e598

SHA256
c5ba46e7efd47691b5a45869f66bbf895bdd66381ce21f9502708dcf12accb20

SHA512
3673c29aa98a7887e66c58e82e92884180b9c9139335d4d5ca38f8fea6127b9a70b3ccc850fda29c589b10dec2734741560399be97b3a0f66b29710d67e4a32a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9c2307e91a62a651e4a311cdf7d2fe0e

SHA1
ce2746b51b84a2f3a2085f011fa5fc5b21846709

SHA256
f72f8e8e7d79cfd9a846955a9ec2c7247d4eee1d9b80636766ebcf701a6a6ed2

SHA512
b616a0cc02b1f53d4b0972bdd113f86f66aee25f476bd1e018d0636c82e1e2a83467f66f78eb78708c5e6903d644a4dc462d8e335901024e78f9f30cba30da8c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f8d76f8d73941b3d21b60b698d051275

SHA1
6951e10a1465e7233dfed55fada857ac6c91ddf3

SHA256
d15fefd1c5644be37b174bfe071a9b24742ad3711b2f320dbf15bf4e04dbb50a

SHA512
f5fe015c0d76c2d124f85a0fb07dd996e0bebfca011f44f1ec81027581d82a5c3c1a967a9491a39d385773f6ec72d6d0cde059d8b959343abb2916640161911e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
97340df2beb2e48a6b94d768dded9c43

SHA1
379e4709adee184dfeb5c1a0e6ed9d0c833f0ada

SHA256
c81e61e891d6f834338fde27eea6b391a63a587ede8eb47be540c2f9683cd63f

SHA512
5a83231899960b3d3b780dac63cd0cedb28b1ca9139c1d3f516d5ad7dbd5698619cc2b5abfb528f386de0591bfb3004b0dfb20c5d1800bcfa4d289eaa462ac03

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8326680aec2d151200e3044205252fdf

SHA1
78407238d111d9b1d12516e3baf291da7c05d7f6

SHA256
e02e6559a3cd4e20b5de8c03800850ebf6389688e29f916d8bf0aefec4e24449

SHA512
31b3701e85c99356d361a12e0988460f1b68bd99e96da8d9fc4cbe600b9a8077a5d8fb5872a520ac71799f576826b517cbfe2e4ff9be6d44ad8d377547f3e9e9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
11d129d420469da0e4662def13857ca7

SHA1
a30340a15f8e894324e24c44e774e6e6f0589459

SHA256
76828d6385e414c10c36f3b4c692277f3c78d50a17e9206c648e8424e0d52f81

SHA512
654a8f39495a92b43b4bbe9b0f92b2a5b9395bcb1bf19631afee8452158e061e74245021686194f921d3e9894089dfc774f79b87c2c0134aae642ab5821ab305

Download Submit
/data/data/X.God.X/files/PersistedInstallation1809550242328595902tmp

Filesize
570B

MD5
e76c3ccf0b7776367bc347d64e5a803d

SHA1
e583ef0ca99ebfaeecb35d4114231efb95ce3b25

SHA256
03998d81de7fa142f3af7f5f2604712accf1271c87989d466a25b96f08c43888

SHA512
11ce939f7c90f719ec4986a38589e9f9b6af3675d66d1a61669d9e121fdbffea2601d1d53ea2ba3d9619d718aaf50fabcedee68395a899a0f11569f6d1f7f37d

Download Submit
/data/data/X.God.X/files/PersistedInstallation452256569078054699tmp

Filesize
90B

MD5
1c771ba2a388b53c7382ca16694c2c45

SHA1
7687e36c07f607175977d8fc4c199b20721ff910

SHA256
383c3323970e74d0205f1849d91cc107c0dfb69fcf1511b569de5e9af2767809

SHA512
e5bd4b4687981e507d72f81cccc6bed6dbda2335cf16383e0a55ac1c98426f54df06ba317140ef8fc7ef3c399b2eab59bf8e8ea14d8cc49322a9de48dd3dc56f

Download Submit