fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9

Analysis

max time kernel
20s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11-08-2024 01:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9.apk
Size

2.8MB
MD5

7b39bf11b45453c54a771125af3787d3
SHA1

cb8ce2a7dab63d1de60f1216036644dba715b5eb
SHA256

fe4e6dfd3608d3ca567558d2bc77685c3b8b3650b783dfb248e29ba3d0dcbac9
SHA512

1f63f7a839d1ba506fc23ece9133afa02eb25a56fb0ae7af3dd9c0c628e320021f439469b514923d32e1fd7d66a8979eb304c3829fae4a069c0d761f75f65942
SSDEEP

49152:KTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvOefo:KHy0mqTy2UU8ViQv+Mt54CjRFTeMvlfo

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4467

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
afad9791dcb950783b7e3bf4aa73c0ba

SHA1
137b544a4409b76ae94ae9e5ac1645a26e103c4d

SHA256
592beadd2b1782184f163377f030f3bc363436e2bf14bc65a33618cb1e9c4deb

SHA512
73324f9c07036b30e5415e800f4e5f774cf5f8f64b94d2c7739d06191293f97e49ed8d915904ae96a3d1324d9b813c2148c93f4d628f59a08e7af66405ce3628

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4822ff45010454ada4d0b8657a03ca0b

SHA1
301ebcf3aa587525ce5655c974678187c884e65a

SHA256
665b42f643b986e542c334368b0528aab2080df8a3a4ae5bf83d386ec30e6ed9

SHA512
5af1024a9a569235373e1cb055eb7bdfaed72e8cdec14b7df040a2353ec525b74de9cdaf2ccda5a237972f04161edce534ae7f66972fcf45068cb05977c687e5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
22b7828350589636760c7765dfeafa4b

SHA1
e9090f544fc34539690881daddd8768f6ae74abf

SHA256
d5d37344e87e1df8dd5a561237876f2da0cb3ce492cbcf18e73abd347a3a880e

SHA512
53b089ac64f425bb7c6522b11820037b895b59c7c968fd115d94317565a16274fc5456005d58db1ce94ecd96b26c9519e9aa8ce0d9c64b4093c0ec46865e6c3c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c56770403584f3c4cad49862ce83852f

SHA1
7bb8d7cb1cd3bd6a4244be6723fb59115c530bb9

SHA256
27e85e017ca034e030663f871066c7b6f88e0d38ce3770f19e94fd08e6a10ba7

SHA512
b78410c298d2d80fab8e3fa4a37e19102693d6e5427168b81cb2c852b06e8a655c04ee476484971efeb23cc99ff21bf13f184915949b2b92e5182ae5e634357a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6dc33cdd826167ba46be3c88e12a912b

SHA1
ba1a6cd8ed8ec8f4c1c070d3e68158ef4c77ffeb

SHA256
ab977db66e5863fd3c832da53d4c171f63b56d5efbe6282e487b8858895bcf18

SHA512
5c3ca4d734a52116f8dbcab8d2225cd677e991c56494ef11ff93b785f94180e877ad8fc2b1da79cec55eaba3791d6ef0f45b55470448b616a4aeb6519d7cd221

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cd97bbcca60f176b5e25364453f532ef

SHA1
d3e03eeefd9bf4d89760800fa4fb5ad53583e144

SHA256
6dfafea2e1a0892a1f8971139e98317bb197a2a52153c24b54209df88dc7de7b

SHA512
704ff536c91d8a1b8dade1799324981b6e496edded7698ccdb98e2e9bc848071af5399ef6c08f8bfb7ac40b2e461b1f3be4e06ebeeaadf379b3b608346c283d5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
14ec696e34573786f853997be511c441

SHA1
e80b30b204f692c5cb55b24d0b04148edea4db5c

SHA256
03e5b4d8e672269f6f7b25eb666454ae75b04e1d6cab895381aacd553c2dc6c5

SHA512
b58720dd68443132008acfe3f2d917dda5afe6ab920859e43e296e7fb2ee670435ecc703998e6f178b503b9d2e4bf0de9fa489422b34b7e78ef97fb33de50d8d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dc45b8d03f55fb812851388aa0203b24

SHA1
3b263b3d2b894b79c2c22ad86fd1bd11a8933895

SHA256
cc1b37e4c2aec3761440a1f9a55bbffc7d07a3bf9fc4409362cdf92617cb1151

SHA512
306bde5218b4f23b6b3c9ad0c747f98b86ffbd733f42e7917c4935025672267b6ecc51a10c158a08460e8b9c5fb8f5aa84a9f3ce77e447619a9dd5eed3c1f211

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
aeef71ee7dc2ef78247558775e53ceec

SHA1
a1070203c63011eeda224ce233a419f3b1473af0

SHA256
2397b59dff95f506e2f22adf775a246699990fbe2930ed89ee5f819657efb3d6

SHA512
663d218524385ee78e9b2baf2746b7714bb412f3433f1edb5adb8965cf6674b2efdee1f95f65b95593c883bdbb5f018beaea08513c301d9376cf49649e055f8a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b27b33f00a4999378bf8651ea7935883

SHA1
37ea772a9deb5b616007e1300a7a744687dda634

SHA256
b6c4de4cd6c3cc2859ffd66d70482a76e4e52d40b8f74eb466181dfad50eb11a

SHA512
1f1f1d729f05b41e15352ecfd0c4cde3085b5648510f3da8326d6527e94c8d427097ad5685cc5a31e5319e36dbd8a22163ece3dd4e47a78f2c590f72b45135a1

Download Submit
/data/data/X.God.X/files/PersistedInstallation1697668915394268898tmp

Filesize
90B

MD5
a3f5fcdabd758d47f7e9fe27eb6dac26

SHA1
13395c9aecf8cbd70873ae99e6932c9f688cce2c

SHA256
b2007d99f3a7b6f8d47a54105d94546bb689f9775584aeaf195bb8783220992c

SHA512
1de0806fbbb74eae7340dbf845ea3172cf5d5ecfbc0725918e2fdd39c57d771eba79016fb7f4ed71442cfebab787e625f7708edbb96f78c5db619fbe2d0a4252

Download Submit
/data/data/X.God.X/files/PersistedInstallation2942132009350240083tmp

Filesize
570B

MD5
363afa0b9c2f7209d0e5e415546d34a3

SHA1
b50c9ab71ad2b82df6c3fc2eec29cf4322f1fe1d

SHA256
d0ff75e635189c15c8adb696734f79e69e7937fdeee82879e82471c44e3bea91

SHA512
74a9a2d0f106cb747095ee5341c649a3dec2dbe4f62667e3a1f2f27eb110202ceff99b53676c9ad19b31a5816714376a8d1dc577a36858cb2dd0a8464750b1ba

Download Submit