93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21-08-2024 05:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

ba4d33a8c94eb2d7964922cfcee82d3f
SHA1

5816ae891e89185f9d13f4592f3e39b5fa0ae009
SHA256

93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6
SHA512

c6d82fbf055e7354a83d1d9a8aff9767e10a13c5ee43046da3a298f7581166ee286e64c8d211f8442bed8791b0c9154cc4e9dd1f6d8189d4a7e89bdd145b1724
SSDEEP

49152:TTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvtu/:THy0mqTy2UU8ViQv+Mt54CjRFTeMvo/

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7abf5de81b6c9aa4da265e9fc6bc2d44

SHA1
227e46d3dbcacbdd38b474eefb24af439eb4d111

SHA256
9e15b260ca1f2b75622270b605f36e36a707d420f320a20854f021ef39f7189c

SHA512
bb383034bd0c1df0932f0713c5303768f77b1b4bf623a77985b53c9abb90a64fc40d40cb368c5e4f75f6778a7156ae71f9ed4fa9cfa56b8e2f8dab48607629a1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6e8e3520fc2c25b14c6e2fcb91ab6d2e

SHA1
e875127f3c61baf5c0a28146f8116e1a9beaa03c

SHA256
b9fa471db2d68117b549fc6be1632041938d1eb716cca9e2dfb886aa6e7c53fa

SHA512
b30138d8862256d68d99883e0f4ccf7b0e7dcef54b88f867a56d95feb0c66f240534cd6a118867148f4c1e0adf84792318490e2fdc87842c4bf831900cdc9729

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9b822a685a0e6220ae340e588bfd87d9

SHA1
1a2b335e55b2816de5f27a42f7f452dd5f1dc01b

SHA256
55a2cda7436dc6e58ad6eaea776040d610d525818c59254f1d772f9348bcf650

SHA512
62a2a43000f00a5ef23172d6d29fe96cacefb41cedc1bd0a67a80f5f977cf8315c7dc50f1c0cdaa832ec64377e2007600a8ede906da43fb53fe740cb7a7275da

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8b9f3995ea84c29732f1c63cbf4c1862

SHA1
ae3b54c262ddd5fe4f513ce6c5403ce1e27a6836

SHA256
8d86cfec2114a9ba293d290f6fcd0d4b5ab2b66aa3478913b17c186a422160eb

SHA512
fe0b9e5c2aedde5566f832045b5a4cd6f78af0ce0e6fb7c878ab1376f51c601f924b40ddc0b431d8756f24eeb8d9021bb92cee5ca2167853998e61cd93aefea2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
eca02133983944302f6691dfdae86853

SHA1
bd956f34594f227551b3e2f9e8d3155bdac2e10e

SHA256
754e03e910d96d5afc08209a6c71246c58940087c6c8c3d256807df2f4d2b034

SHA512
2ecf482f269b78f6737fd91ed540052b47a100eb370fa38b7695081a824a95114a34a92da7105a2eceb3589f7faa3750491252ec00fb0bf53a7a40f270f6f7bb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
49fd91a771cb0742422d2ce72278cf6d

SHA1
45a654f5c1c657f32f5ed986367ed461e2880507

SHA256
161e53673b58a079aadcc405924867d3623c291cef495df8091fabb15b2e04cc

SHA512
23e9c648889af479611125762aa2a52a8d89640513efdcf86e453dc866225c5fdcac54d15bd51477459a8e6cd9e2451e1b01a7449d4565a9f8b34ee5398ec2e6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3a68f83bcf1c0738bb54d33e05e24146

SHA1
9843bdb2a2dbb8836669707515f1fdd0698e3209

SHA256
42186d80b8b1aebd7c04f5adf0358aa355d7660387a733edc35cfb26881a1739

SHA512
760af5a8f1706774ee0c1e2cdcfa2a79697e294ccfc7190cb0d0caa66a16e509544bad5f8aa580bdfba8ca2b76402d5acda1ae3ac2e291abf83165c09fd4b8a3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6a2b6f721c69b851509d21e3f0132a4c

SHA1
983ee39b3c720a8e97c6c0ec5c8b1f9944d44922

SHA256
a84ba21de12c7b4cb2055512e0ddb4ba2be6a2b23eebf39063f318b16e39f3de

SHA512
47e4d5c3c55e74485bc20fc6735e2461c4ca8f793d89c32e0ed7f99d8148c8572a24df5b56e261a53b9a27413d0c7ae5ed2d51fe12dc2bd5598d872164f93b57

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0ed5db15a1a0659c5a9dde3c388733fd

SHA1
9026ea26554f3bd4241d7eb122e446f0a55c5e4b

SHA256
1e1008ae72fca96e208995cf4e4c03312062e6b7c7f5bd02a085d04db64144e0

SHA512
1368678786aefdfe87c377fc9bcc882e1ba46d4a3f2ff67f9501569b22d9b377dc5d01cee028b4a8c6a131bf4cae6d8e47a3cfb21516ddffc5972c850f15fccc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e58ec986d9938d86dac6c24eddc5e0f1

SHA1
5a1c3d105ff117ad5f38fb5f0407c1011fd41155

SHA256
6966b6218bad22e75f9109dedaed3531e1fa75223afc291c38d031a47f788cf9

SHA512
148e13871f044aea98fabbe4c17c7bd4b17c16168d746cc57573ce44076d4df538862fa190caf45f645dd48e1a9cc731d80af3bd326237798bb66e8aa0d81a39

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3ab73406de93924afb2e3e1bd62d182f

SHA1
1cf5181cd482c93a0b2bf4c83c374ecd4648bd54

SHA256
dc9445a335e592dee7e2538c3aed6a187c30dac6b52be2714fc0d8ab58392914

SHA512
cb21d1ae6ccee79e8c19e0be1c05a53bac2fdf0f26bcd804f4dad1bd0fdeebe5dccd09a0b5b8486bafd72bd22255ac39ba3b15b03159ec18bf349182499e6535

Download Submit
/data/data/X.God.X/files/PersistedInstallation3480367304141699472tmp

Filesize
90B

MD5
d0e6ef8e8235525aca5322fd428e3231

SHA1
283e17577a04152d7a972f8a9afc296074c7cda0

SHA256
8cb60ceeecfbff17eead3d96597ef9dd6abad597273de065a8439b3a863c646e

SHA512
457ca698959d4fca91401e9a675d8412ad1d1ea68faef3b0c104e454f7567a1cba2879c41b5cb5cc323f8a1ed8ce2c52d171578fbcaefae7208434c4b931f7af

Download Submit
/data/data/X.God.X/files/PersistedInstallation425335889704321608tmp

Filesize
567B

MD5
877eaf6cd56b431be2753d1b8875f667

SHA1
fb8ac7d09a420ebacb8484909d4872e38acaf001

SHA256
e2507d899a8b94110a54363afd010facd13ae472d1e1ebeda03db15ea12f869e

SHA512
b7fc8635150cf27f1eae2b08b118af1a32a2e0b37cf3cc6b677e3ec6a31fc0f3b528903da7a2f36e6d05b297b943b0b6560662debe7ba60f63289efe9260967b

Download Submit