fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9

Analysis

max time kernel
19s
max time network
128s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-08-2024 01:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9.apk
Size

2.8MB
MD5

7b39bf11b45453c54a771125af3787d3
SHA1

cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512

1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP

49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4244

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eeb2c088b8e767a4c2f56606cda0b5f5

SHA1
84a76c7f0cdd66c6aad88bb190d0e329b9753190

SHA256
4ed236d965b3606153320d23ee5b8a4f342439ccede9ade05cbb60f565e57964

SHA512
5b83a212aaab92f2ef2bf59dc7971f5374eb29ea5286ee8697f6b591b9b5a1081d9b3dae64e7b8c80069d6b3f75b7d6465e15d4f5518ed33bafcbeefcba3fdcf

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b8fafb23ed115003d03b12f3017759e6

SHA1
96cda0186e33e7431810790993fec5f9c5a7f179

SHA256
bc2872f1226f47799e45f8adfcc91254f0513bc505e78f16829e006c19127779

SHA512
ae9d46aa4b9835a1c1375aad5be6801b6259d9a30c3d9628e5f41f72259e64d0274e7a6ed8c6d6796fb0956f10e48a925304a92c15beca4dec268a00c74c17e5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
12ec3861982efa48a29339fcc311a865

SHA1
aad1824ccec8dbd5238ebbd7e3fa36bacf3fe134

SHA256
10294385c80e92b2c5d1300811ba47ea27d107a5f37bc405c72a23ae741ee971

SHA512
e88d2b3688ad6f3849ec5866fd1e509812caf7ba25119dfb43ba909542701a9d8f49bd5aeb118597c20d9eda26c4b399ee47215948c44f3e297728468b84e8ff

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
994b2a8eead3c41b7df936eccc5827aa

SHA1
73cfdebd79c4d7205eb45a011c516da5cec62952

SHA256
a03608113756fc49404cfa544bcdf480b3bba163d9c302b03d1b2091fba2f0a6

SHA512
3798a2fd5631dd3ed8e01339aba6405ec3e0031187200b235f96b0e66d83c40297b70859ba4a53685de754b48e9b469704107f9ddb95ca311f047a5c297708c3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7d6aefc981688aa952a03e671f2986bc

SHA1
ec7a31396b5db8d6ba1ab1838b596b5b3d22e8bc

SHA256
0b269aad5b3dc6fed6a3330daf89ae907fe9fd88ae646f2e59c1579fba79f7c0

SHA512
dddae2cd40cc60dcd49bc5d6b8050c2e1358ddac7fe66460633f4de0e9fc6c199b79da44c850fa469bc1f61c82e12a62285c943b5c52b8cf41df71506009e569

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2b6589326e112e4656779868df1d454c

SHA1
0c12b78d97ff770f957caef51870a905668ab8b2

SHA256
52e9b15483854fbb02f96fda9f4d04b3dc69fd7dc8f73d35dc1e56c54068adb9

SHA512
39d0dce1501b3f898ccf374db61b251768b1705269ec2520b6ffce5ee7ca999f0c7b8eb1ab807f2677da5419c5bd6dc35669ab9c633132a59397be40f22df268

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
78fbe7edcc46ddf9ea1c9ac43ec6ba96

SHA1
dbbba68cc89791ecd92be196366a5868567b24cf

SHA256
ce17a0ec205da59acc0447861a624edd284a14f7852e97452bc301f818b07d11

SHA512
1d90c33196c2efd3021a0861ee5f40e6e7491752c462838e7bcf4c61eb43a781620d945481ff7937f7b9d50c9c14086112255bc7000e1afdd27bfb74104e45c1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
00249dab73c9778c8e7c15614e0262f4

SHA1
9a3f168b15227b55765a4db498cf86be5a1f23cd

SHA256
f9c9f7b0666c231d6d0a590851e0589efe642fb2038895afc8ab6188f447b9cc

SHA512
bc2c7539c45ffe5be8fe43dbd7d62befc881d31910870e062e2868e54de7f5cfe0c9c0c23ed5bf4091843cba5702f5ca748236da368ebeba16d2295eed763c43

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c6cdd21da260580974c5764316efa8d2

SHA1
e90869da537ed00627194d5ee19f9aafab97a073

SHA256
0eed2f5a4069d123d638a7b2b4ba06c9db48f34d430de05ba686871ec6a679f0

SHA512
f2131e0f740ac9d285aff9710bfdf33c731dac8dec1603bb69d54fea2514be9a390f51c0717a98c6bd75f49b2dfdb8c3906630d1ffd5c6bd17d09c53d35aa1ce

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
74e6822a09784da99caa6d8d51720be5

SHA1
7e2b7e5e05841f450bf7511cef5faebfc52d2f6d

SHA256
3e3e0fd28f32dc02e697de569e0a1db7eafce689f4f685a3c39318e6917a6ab3

SHA512
bf85ff1ff1fcdad3d435ebfc781f928f20d1ceb38cc4e3f46491d35c0063c84dc49eb04be67fb0f2834d81db157097ba251644d1575d139dd26d62dfa507b2c5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
16b2e02b24bf9cc9b6c4fd0e80ff47bd

SHA1
8f7162342116c42a3aae8b9394b10392cc5a0745

SHA256
2d00ce584a909f62ac066510084d884642a21463eb7fcecbf228813291b02fe7

SHA512
4a1d5992dcf950db0c97927f652f24f57d74faf7ba291f3f064ac515e9e3e8387d2125a85b9796060892193d13fad2a71faae01b283179d017e2ce6d62fffc38

Download Submit
/data/data/X.God.X/files/PersistedInstallation1729690992872183211tmp

Filesize
567B

MD5
f7781102c97e90858f14f9b9ae15074a

SHA1
f0d80495f5550cafdc1bd0765b19cad3bbd012af

SHA256
d0d0b86fc95685ae38e71c2fe2681c21e86ac9f651a502771f2accfe4ffa8421

SHA512
6e43693230c794860558d768632846240f890fcdb97ebc72b2fc58659b7eaab5e4c1cc12c83eba6540a106584ca3aecc23c38c2ca3de2b616be09bf756174900

Download Submit
/data/data/X.God.X/files/PersistedInstallation2692464249924778170tmp

Filesize
90B

MD5
ba34fb22edd8d79a60977d7867a788d2

SHA1
dbf0b73788645253421b01ba983e50acd708611c

SHA256
6fa2b06a9d4506d5744017bf0944072563b05654bc228567043015aeaa660673

SHA512
8f5304156fce4747173d1e7e1747417b5c02a461b39cfddc9114c3daf240f0ac518c414fb407cb1ea03cf67121c54a5db69d2d92ab538ef8d183980eb9f30ddb

Download Submit