fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9

Resubmissions

10-08-2024 19:56

240810-yn7ppszbmh 10

10-08-2024 17:49

240810-wedn6azgnp 10

Analysis

max time kernel
9s
max time network
188s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
10-08-2024 19:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

7b39bf11b45453c54a771125af3787d3
SHA1

cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512

1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP

49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4312

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
39768e52a9c0d73477cf787724dead17

SHA1
fb84666c1ae96bbd0677267905a0ba35cd45fe1c

SHA256
84168b4c066117fd20ed66e0e8bd80d19162118315ba6d0fedf783111c4f63a5

SHA512
a09ac53c25cd7bb9693d6e9aca9fb4099659221ad5eb4c616acbb2a6e043532662ab2690971dd9e26b5e8f2e39091fb16ea3457b117fd5f8bfdac3329ba78e72

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0387d9753dfd79cd8ccd3ec98c408045

SHA1
3b5f88ac75346f2532f75dc0bce3f798008ffa18

SHA256
10dcb56b0a779a79284503cc0ff9eda8e3f35d3217c497c84f53c0b3ff2c8d62

SHA512
cbddbe176a196d83ea39d5a25a73fabe506f8e872dd5a357b7f0c8b8da4c8a41bc8515505fe812e45a3ecb1e1244b43c0025e718f8b49a387bd528bcde61c825

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c577995b0de095fc5235b58cbf071d39

SHA1
b92d45b2720f244f54eaf37a1935873956370eae

SHA256
9c469de9fcc0c2d6c865548a38217b9310abcf7f10307d0d2a4070e95da45d9b

SHA512
b7d051b8b756039d389f78e9e6b42aaac467ba43d81aabd345a1e6252bae2fc6ce347ff8ba5875b1b8237e7d5f6510ebe0c4b567555a47db73f13896983fb6e2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
130fe8d782cd2741df3ab9b0b84c72fe

SHA1
11df4e8fca64288407e1a2b674f795658b5af465

SHA256
7bdeda8d69ce3915239bf83598b14098ecc1b924130ae7c6c970a8611f4552c4

SHA512
24910abce687a25f655d3caedacdde939632b811c44bdbee419fe12dfb1a7af79be754801874ec2b6b0baa265b0f8dac1b7bb5bde5918b65e6dd3a15797ce4fe

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cd24794ae76d88e05638a9d55c295545

SHA1
58cbba29ab4d9883e7d67f32cb2c9f532cec8504

SHA256
21ff8c6046f098773cbfe4dd509bcbcfdb72381d37eb096f5bef1d956a5a02ae

SHA512
d76cd71543b2fff655877d257271665108fbed3782316b4381a98104e0b88bf39dc34d098403a2138972829502da478feea0ee2d5427cf447bc1fed63708714f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0fe9e8bf149aa85fc49f682bdb7cd028

SHA1
7197a403321da315e5846f9d1ba887f98db39974

SHA256
5398a0e93eae607a26d45a987bda7129123791c423f6c6c6bc481f83a4b2a23f

SHA512
f4205579c79585799aa4a96e9a259f5459548aa5fc8286987e337b7bafdb0e0ced15e245375bf6399abf7caabcb139639885f4ba1d4a47dfa21dac4965f44c16

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ca98a7d9fea614ef0749860133f7d644

SHA1
3bdf401164d71ca3f9d0c8f2bd98ea3924506529

SHA256
338b6ca93480721a665e303a893744f737d8cb43bda78069c9e8d1f747a188fd

SHA512
e9456728f2cf26b45ea6932427166ef0731ab775a7feea8c8d8d8c21b9bb5a379a4e341c6eb7418cb81ef8cb438dcc57672311da4f2def46755d1bbc68b9c3e4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2f6a8a96a9e83567377197d978594523

SHA1
d6f7f7e7840d52dfc2b969f2e40fc43dad211e2d

SHA256
fec5eb5f15f56548b44bedd92ed434d65217d07146e8b9982eb9896d2e393aa5

SHA512
be97070ae74511fe767b4c466d3acd71f9d00a6c62967c780869602947a75589e3b2d73de3ec1734146bd4db868aaaf92f2422d4e6cb50dc5fcd8647eca836fb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f4edfe196d39d0c9385f037e3b1d94c9

SHA1
87cda6c7dd34d8040eb24bfc9b964a9ddb507ff3

SHA256
6053e7f90600f6eee7c8de8924905548ab6e74e5b3d56171924e7c7f296196b0

SHA512
936c3f79a52cd38eb174b8ba0efc753146d36933861ed48dd9f8d03b5e2a823f63fcecd66c503f6a0081cc8c4adaeaaef7f9c5304eb53a8393c86135986ef9cd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
db2f2a8569b4b39faeb5a86607245c5d

SHA1
c23ee142b227ba04fbd61af3a193963fd5157fcf

SHA256
a473284d4eec76a2e1d215c0ae72e89afb3c06b94d30ceb3a5cddeb3c785bd31

SHA512
cde817dcfb07ed9f56b04b105c5d6f7d91505dadeb7aab5476b0906811c9555758af039f1c00b01023c7af9efc7f067ef6c02ce8f5d437611da634a41827b9f9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
50a631b1aee7ce22161750cbbe8dada7

SHA1
68ce596ee072a89a0d5f7b0e8f0c40f75b9bfe19

SHA256
c0668a179fc1721703576afe5d2eb82eea020018e11382e71c04ef1bc152a3b4

SHA512
d7683f594b4745b6976f660cfff38bd6e2768dda8be60a8ac1cd3c08054413e6b8827be8b7d670de879511d0efcd3e75dffa9700ef762184e2fc53cfda88ea21

Download Submit
/data/data/X.God.X/files/PersistedInstallation110558722620445660tmp

Filesize
90B

MD5
dc4a8bb4b54599db88f9bfefc0707e81

SHA1
5077eeaeab417515279ddca8e0d87097aea288ec

SHA256
d9d4ca6243c3968d8cb098a53ac0abf56f9b41e63336fce2e47bfcddf916938d

SHA512
56ce956ad21db137b600636178d58f84f483b6447e62d88d558ab9341a5163650c270c8ee738334fba53ecd3fd738967d373ee544dbb95deeeef5d159b45b8e7

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads