93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6

Analysis

max time kernel
19s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-08-2024 05:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

ba4d33a8c94eb2d7964922cfcee82d3f
SHA1

5816ae891e89185f9d13f4592f3e39b5fa0ae009
SHA256

93af370c16032f2b34ac2280d50651708249a5e4729d4cd8fac05d3af184a7d6
SHA512

c6d82fbf055e7354a83d1d9a8aff9767e10a13c5ee43046da3a298f7581166ee286e64c8d211f8442bed8791b0c9154cc4e9dd1f6d8189d4a7e89bdd145b1724
SSDEEP

49152:TTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvtu/:THy0mqTy2UU8ViQv+Mt54CjRFTeMvo/

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5069

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f0331320a64b56cfb17dfa45649167d1

SHA1
8d8b09c5f301c5128cc328f9dbc24fca8c799c94

SHA256
5ce5b3e34d3d7d8336a7b4650f8f4fdd0f3764552a94ab8a9ae06f6ff18a7ec6

SHA512
405004b92c53afc77922296eebbec17d4c9c71d78863289c480e6a09169b02674bfa1b60a3c5883349a6e8ecd8d106d235969e158fafd58619f81ec71c6f5586

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ca95ac6f5859f1522d546c2fa0dce6cb

SHA1
a6cee4fae9bf4140dda0293980511165356fde58

SHA256
4fff473d6e8bbae3680e03bab5cfe2737cb5bad0465c4cc259281203a932e0e5

SHA512
24cecf521585a7c002e16de76bdb8b25e3341fa07d721f669bff80749d1c8abc7f9be7e6a076095055b5f8a52261ebb5fa38e31076da82642a1f6ddb45f9fb4f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eabb4ef86c5753ea4e195e272b5dc10e

SHA1
ede3f17a6d02a47b133a1bde96df3c3bd36c1fad

SHA256
da07d9da73f1811bff4183ba1a930b1fca61c3c17d0b9b3e692b3ff2e6524c1a

SHA512
7838d8872651dbffa8ec4bf0046ddc9e348b24ee29eb696c42b571d245ec5dcb05554eea77e0f392d6442bdeeb9c2362eba3393a02a14cd5fc8ff8d5619585b7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bc88e92a3a07f043e621e2d2d3e3b8fa

SHA1
3b6a55d10c322d61bf7be6cfd14f3085d540faf2

SHA256
5d921419bdd3fbf1114643f7a582afa259439da199b2018d2a5f811098ecd187

SHA512
2833fbd3dd194a8c99b4c5dedb57912338fd3ae432ff9fdcb6ac97eace108d26a6a823f7173193abe725b5446a3f8f001bd2800a368653ad55a8a2135da1a681

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
019bac5a445ba3a725cbdac581166338

SHA1
55ace325fbe071202eb7b87aeb2e082487b1e5bf

SHA256
1a822dab4e02ec58ad10af004a9931cb9601e133374c9fd332f37d22f9aaaf05

SHA512
2d176a730bbf16557ca69b807498e1d5e6e89c4bf9900c5ed0e838609da0261f0f653bf517a4e56040ad8e52092466309c26889ddbdc0d72561a067e9842e095

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2bf60c18a27159bb841fab6a195644ef

SHA1
708f7ba41251f08e4a7b91a5e5c76a175158b083

SHA256
aba10c5f7240eb319fa6f4ea9f560febac0ac9d3845fbd4db72a5eca097dd0c3

SHA512
712d924c0aed6e8c1722406374b2103af9bc2cdb81655a59f89a89fb44519737f2a3da3253e630a736d8d2f679467f66631238ee26bb194d5ae7135c476ddeb6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1e32cccfa843b5e530eedfe1daa3db56

SHA1
c6ae2bc5a764790fdaf11562f757bc150e451152

SHA256
1aded5b04162d6dd133023f97ecfe420963a2d143d4c310c31a48cbdf93c00d7

SHA512
3af49e85fe064482621b971edaedc3450030493745ea7774d1eee5b31ff5df17711b8f262b757ac9d5465d44cb7b010585d3875995520ba39219af3770a3911f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4254ed2667c0eedd3cac02b2642ee23f

SHA1
3ec01ea138505600faa629f0736adcde53ae0623

SHA256
c74d36d9af3bb88df9c192543ba42c1dac70107affaa4c5c9c61e600caffb6f7

SHA512
d085cd94208a181699eae76f40a1b8b4ec0d6a7971656ee24e23b93e86ba1ac3e2f91127c4c39f3440d1b50fa22a07155404685376d7c8c76e488eb368c382cd

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
01676949bf46da9473242e747e9a13be

SHA1
e21e2c381b3b8686d1b4577a882944344008a836

SHA256
06fb7567583328512fd4bd14abd8665afb3f64fb25a8474b19ffdfaa15e75f85

SHA512
d94a461a7b043a70384cefcc0c0e642f91c24dcdc8cf841ff536d87777eccf8d9f458e85efc043e341d97a8b89b52f1dbea7d3b45119501231fd6eab116b584e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c4d01d3cd04713261f2b2a00926664f3

SHA1
49bab26f810af464f6d8165e63b0b3cf4e3d0224

SHA256
e9f19659c3e4d4d7443001365bc6c6e0f7f9f583ae729638f95ca7b82352f417

SHA512
21828ff1951846cad55c61ec48cd7f60569e8768c119ac35e45f054cc0b8d7bbc817e5c8e0ebe21b881b5ec2c75ee476f7f2ea5d5dfb0e7960af60b6fad17ead

Download Submit
/data/data/X.God.X/files/PersistedInstallation5628928816293431196tmp

Filesize
569B

MD5
e636b2eac95382edf557477886572379

SHA1
04f7df3ff028c21f62cd97f7a2665e7075880254

SHA256
1d8f6d98c5a4e9008b8d104d435bfe6ffdfc9bdc45e2acc1f6382a3b3bffc360

SHA512
b30255312e50d448c7bf8877c6e14b6a71cff9458bd64091bcaa4ebf065a5f872a2473bf8bf39afa3304a84caf338c87b69918b7757746351690f8155ddfc6d7

Download Submit
/data/data/X.God.X/files/PersistedInstallation875603773330126241tmp

Filesize
90B

MD5
1be04617224f1923df1b6daf97cec3b4

SHA1
0775f5d50ab3c1feb998612d423589e7f0011cde

SHA256
5edaa62597d3b39d68b19e4cc03d3ddfbf03c123d4f6707fd61770b7bc59ec11

SHA512
399d4c6a050b801d67583e317f9641074d7d5821ff9e023379425c111ef4e3fc540e91b0896a05c0e820ee97223f164b2a9859c50e49ab3aaaf2e4a9a6557ad4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads