Analysis
max time kernel: 90s
max time network: 186s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 10-08-2024 19:56
Behavioral task: behavioral1
Sample: base.apk
Resource: android-33-x64-arm64-20240624-en
Behavioral task: behavioral2
Sample: base.apk
Resource: android-x86-arm-20240624-en
General
Target: base.apk
Size: 2.8MB
MD5: 7b39bf11b45453c54a771125af3787d3
SHA1: cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256: fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512: 1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP: 49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo
Malware Config
Signatures
Acquires the wake lock (1 IoCs)
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  Process: X.God.X
Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: X.God.X
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  Process: X.God.X
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  Process: X.God.X
Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: X.God.X
Processes
Network
MITRE ATT&CK Mobile v15
Downloads