93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21-08-2024 05:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

ba4d33a8c94eb2d7964922cfcee82d3f
SHA1

5816ae891e89185f9d13f4592f3e39b5fa0ae009
SHA256

93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6
SHA512

c6d82fbf055e7354a83d1d9a8aff9767e10a13c5ee43046da3a298f7581166ee286e64c8d211f8442bed8791b0c9154cc4e9dd1f6d8189d4a7e89bdd145b1724
SSDEEP

49152:TTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvtu/:THy0mqTy2UU8ViQv+Mt54CjRFTeMvo/

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6dc9ec629af0ea8ab71a3a735a30f8dd

SHA1
e02cf4de0168c284f182fe8c7750f2d861c99855

SHA256
a81c4407fca0de12f4f85cd8dbb9049e82efd7098c440cb24f383bb3e90b64ba

SHA512
8b6ca78bb144c430b4ed2ae439027b6fb1e8a873992e0d376f1a9ca966dc5a378555864090da7fb2efe5f3f63eb8e614ce62e2bb37556edc232a1fe04ae6af39

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
35033f7d51890be143c0032568ccfce1

SHA1
4f5daab2e3dfc4f4033a6a44f7fe748fa8362169

SHA256
03a259697df017951f53637fc8716779976339524ccf45bf960edd9619d88948

SHA512
6db66910380f4d694cb757adb68c80cb96b4aa83da8c9538fe95738128c3ff148f64dbc13797dd7314a35878fd0e5458b7f62f73292571e2e2c579ab8e5e0bfc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e4ac63f6fb08b68a2749331eb98a7e44

SHA1
6e555b3d5eeaca29fbed24bece665efbd6ff9f1d

SHA256
e09d18e79574663faf4c7f1cd1b35f8159774240e4c934c676d6be9bc9bcf56c

SHA512
91ddab49902dceebdfc0869962322e8b6ae0be0283489c659abf348061ed5bce1c165a37f01af34ee63f0bea54bbd52d952f44560b258bd6c4eaa37f1358014d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bbae554d4a4749e99e795d03f958b505

SHA1
b95ce9977a6627f5b9008a053300f0a59a62a52a

SHA256
89a15688585db85802a4e9215c949f0debe1015c623f7fd51a0885bf29903914

SHA512
d8427f33f613ea90d25d990b85955a3913b30b1bd6b00d970953212f1b5f7d9cae1f8c5c8a8ed39c9f024ff493d924bc6f32134d0bd2e81d324b3d26a2f0b528

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
452e1d5f921a7bc2a1e430d24adb88fb

SHA1
5df7a812d89abadda438db8dd22684f6055469a5

SHA256
e4ed049f16f339d07ee2fed4c6a6fa7e041644b7c249c13501268092f091fc64

SHA512
f302bfee2f1d809fdd3da8823841b0e20d9228f79270771a27b4dd8c988834d177ccdb9619c04d56222f7344750fa7804367f9373413c0a4b07fd09dd8837630

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
57e363900144a81d30db6d5ac857030f

SHA1
9386249a4af3cf604a82b7ff34533255abb7f05e

SHA256
6ccbf77cf0f656d731c54154bf82e2e2ffca014f7588a9ef237bf18106a16c13

SHA512
e19ad7a8df2000c0a6d997bc58312a3aab03ea927e1f60e3497566906fc892f9086fd1805aaf66c225233a323205a3c1ca457e17993826ae33df6c7113e281e9

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1ad48c66071ab7865a5d1a35bed8c1de

SHA1
76a0bd4a89235100abcd6995fb391b95bec3dbc7

SHA256
7d4c434a224613a59215d5559e33ef20f1a8726cafe3d8dfc683f541f989d492

SHA512
fd3c80c4c65b080e05588ec52fc602fd918b3a442bf3a0ecd159c2a2cdf1d10f95d26bec754bfd44959ec5b62d2410c0a29f5afa5bf1c4062c23dec4297e6f26

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a8f77353d095af1a8aed7faf14e0e863

SHA1
d448efb74b60602514676226a3b731de7615c2b4

SHA256
6e2b29bb6cb4bb9994410f556d111a21a742d501069ed0962e6d5ecf46952031

SHA512
a33b1805b09e9dbea9b7234c00d134e7dd92a664b709a81ebe46587b0b9c079d8a2fadaefcbc43cba796a64586a737016006da00df236406dc4435fb01470047

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4be9488b10a731e7de24b932273a1602

SHA1
1d12b49e2b72a6355f8342e4b7f26da9a995dd38

SHA256
9da64f25416659228aaa9aa6b2abe31df87403420a3a5a9b3c38014fc7f8a171

SHA512
8b4261d3b9e5a469553539256eabba0b7d02286d8064773b88691a0d046e257a97e0306fc3e112907822871a329ceb4c61d2c59cec30cd918cbf705949f1f407

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
83bcd28bf0094a3a1536e6d4069c1b1b

SHA1
2a50d0f5128e815e503fcbfd1d4a805b68acd742

SHA256
ae7961206353dc2753d86def01c35d381e13ba46379f45696de70fcb6899b745

SHA512
c6f182ca9a3f98fe599414806d1f981e9f97644949dfa72d24a025a2bde9bddd928c0583551ecc6100d6bf181854005aa325ad6cbd51234644a53ebade2f4013

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
8fb9e7babdf5343ef09042cedbd59027

SHA1
2c75c733540550a62ebac946ed54d8c4b773cf58

SHA256
2cf26a0ac7cdf969ed1b0249400553076f6203e542f733844c1850aafde8da80

SHA512
a362673a23657093de816f52e622fc03fa83ac90166107cbd16f01d5d59844d06e06f3fe2a8d9f9da599292a7bb67a854a55a40677a809e77d0842198e2d1791

Download Submit
/data/data/X.God.X/files/PersistedInstallation1517644157854257026tmp

Filesize
570B

MD5
a4b2aa4a9758797fcf48bcefb7e8adb4

SHA1
53d776f05f504a4608c57a3babc9b3def1b0d7c1

SHA256
724d9f0df9dc8642aacce32ed3ec5095e396447abb0ebcab57e3e3aa5f5653dc

SHA512
63f2ad7fa871a578b28e6ee84e6c8832d61af657387a9ff67a2854d8b23890de8f2f2fab3e77b7676d5cbae1a5238e2c0e138643e243207309e897ce4408648d

Download Submit
/data/data/X.God.X/files/PersistedInstallation6778276417486078387tmp

Filesize
90B

MD5
773a60140452a879ae5760d31dbd0989

SHA1
567f3dc10c8342cc9f2d7f3e547e02827897b5a7

SHA256
d8501b0d776a4a3d38c58d1c4084cf8a05479539c184cbe020ce6edbfeea821f

SHA512
1053de6c7651abce1746147bb816593130fe66cf9b28102bb899e56ba22df093bb8d45b34788a7c691448685f7d4bb893f51889a4cdaa66e1f6000ced0289d64

Download Submit