fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9

Analysis

max time kernel
20s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-08-2024 18:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

7b39bf11b45453c54a771125af3787d3
SHA1

cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512

1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP

49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4459

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26987de873dc73a85c5c90b043de4d53

SHA1
cc114372d9be36d28b02abbfd53ab80d560b3e34

SHA256
4b5c354298338fdbe461e0badacdc19a0b3325baa999d769f6502b8b777dcc52

SHA512
57189a2836884bd52db2874ef5bf3a5e17372066857860c524fd2aa37ce9363aad0a6bc8e4297a697a5a4d3e1ef5eecf93a056b3fe8660af027a411b53cfa8bd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3f6340014abb4bb7a7eb2c08438c29be

SHA1
bc1facca3b85b44267825a0e4be98f68878e1178

SHA256
8ada6b8cfc42ebfec6f0b6f93db18a2812c9c7423c24a56ebe4ff1d9e4a4db22

SHA512
4ee59030603fe8f69a3c3b79a17a3c297f4b0faae5fc208dc97cffb21622fe7005868b1c526bf34b7819d986e69746d7f4a2680bce5a4bc007e4b4422886d73e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b0b5b76ac045b9a4e5e5c509a400e6d

SHA1
d546a9bdada63b8a9dba00f26bddd93c2b0a0290

SHA256
61948fc13aec73f80e8282730408978c46e24d398bbce7ab99c5a1045206401b

SHA512
537f2790c7337058c823ef7ea0f9ca24f524752d7893da18c481cb6a942da5ff7687fb3ae0a8d02e44c808a0c963db57d7a8e535bfc61787f2381eece1ad4bf4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b61025f427fd4e6f4e59385d39746fa5

SHA1
a31a600e356ec2a84eb84b76584d96a1f8733004

SHA256
2e96d10fdc4fdadf79619a29c97d91bd951363a98f5ad693c43551346dc188b4

SHA512
ea6372843667d46d1c24572ead260754f3db7892cfabea9dc374234cde015db8fd10dd2b2197efa5f69f07a54f971e5bfb7e0401d69fef1b6ae9d87a2b1c5af1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
14970b006f673984689c70ceab3a9a94

SHA1
27081331f130584f2df2dfd555083cf722bf4540

SHA256
5c78b440c6c9750ae4878246cc1f5728e3d30bd02f0e7ab429f0e80a550edfce

SHA512
64dcff12431d74e8134dfb1eeae84a57752d1a56492abfe101a24058413e5fa5e69036f37dc11c283933a3bde3803c4a8eefc9ef9c4271fc79335151e21f0de5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
241492332f43415531d3695f11b4fc4b

SHA1
6a193f7155faab71c8b5860f4adfe47dc9f254e5

SHA256
e807d7b0404ba10052c6a29eaf3fbdc6188e10c540b817b93f5fa827c52390b9

SHA512
dbdea300d0ccbd061c841633d7af3bdcb38db97c40b0f3553e74f8829287d8b4a5d58bc7d5fa7ae0af2a8873636651c334c75c3eec30ea808897d364177a2b68

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
18e266dce1d090a94eb41a30e0f5dbb8

SHA1
705662ad8752f4be3ee6d31863a6cd0a20343920

SHA256
02194fac85554882a7e290cd70eeeafd4a12a83a6ee4d71bba6f6c054fcea985

SHA512
9a227bead49d4ba4b639e9d92937fac40c35a9be9254d07f8c52f2de0d53b1c976ad8527eb2e660a019499447f622fe666689d99b540001751586c23503045a6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
110d1aefbfb0c3d90f3df60e430182d4

SHA1
c1a5219f05791843346694fe43fd67241dd6e69d

SHA256
75eec5b69c59b7cc01191a964301b83d3d13babc794ff7aee47522144b0be4c0

SHA512
e845adc765c0ea3aaf149f9d30fedffca2f1018b2ba71e85a9a998944f54e47d55449835c416f27470ad5148f427fb92e8a0ae96d0690a703082e23aff6657d7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
79863505454a91bc6b9a3aeec902e9ab

SHA1
27750fb9852a9571fcca75b9991d41e67af8a7ef

SHA256
5b5c22cebe6585edb71a03306caf8f8e32da9321a3be68862c9614c86d7dab63

SHA512
b5f8e46a13e0d0287e6a3dcff88599946d9e7b218653af3f04c7bc53c4db149713ea2a04e4b7e23fd8a6f2a5bb3ef14c8e050c2954d76ee420740a00f016adae

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ff465a2ad63121cb5ed16ba7824bc9c8

SHA1
062446232989cd8cd8cb066a5885561d1217bd3f

SHA256
2a296b406de7b82a4aa8d30e2cabb39e1ad50cd9053e9d7e52295b8f7d08449b

SHA512
1eb3a5130b1d0bb11e68c25d5eb67b56630e0cf245e48b443b96932dd78b16340ee4a0aa9bd02116c6e3b4d94d3f6bb1b1d4b75d88e8184fd0608d9def43d458

Download Submit
/data/data/X.God.X/files/PersistedInstallation3881160751231141279tmp

Filesize
90B

MD5
4261175b92fecd7f14543b311b9056d8

SHA1
d96450a52d389f63fe52d3d9d5944e836ec82b08

SHA256
6458312dfaf47baf12baab237b525de3cfcf91d7a098e57be93f17029dd1b422

SHA512
08f5104aa9daf50e72cfe0b46ec704515b0dc667d7ca9adbf434da38e28a3310c89de4722a81a192ef3803cd592a256ef5fe0a84b6b7e2a191176d0b39d100b0

Download Submit
/data/data/X.God.X/files/PersistedInstallation5413633126608323172tmp

Filesize
567B

MD5
5297092867349001fa92161819caf66d

SHA1
564a34bba54f68c0666db7931222a5fe573178cb

SHA256
76813577237c6a0ff906647b21872cceaf2e2850cc724ef69dd166f0371aa4aa

SHA512
f752179eec151e429312ce80824c53f2406dac737cfebedfdc6710be3da6bc00c031c20e48a01e42366af31ae02ebdab6c0610ef5f7d4e6c18ac8e46722afc57

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads