52bd9870e87357e66a416b9a8a374138048077e7fc1121025cf3790bd5efd244

Analysis

max time kernel
75s
max time network
131s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
24-08-2024 13:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

3.6MB
MD5

08878d839c3106967e9e0472bbdad562
SHA1

c727e854536485b12e064a1d523de236a705d790
SHA256

52bd9870e87357e66a416b9a8a374138048077e7fc1121025cf3790bd5efd244
SHA512

19830fccd9f8568393f1b7c697f485e7a45e20cd01a01470788915b942ec6f62c4464f5eae6a5eafc8fa1d4f71c05df2e01d15c0d737227b3ae4514207e38abb
SSDEEP

98304:fu9WkQ/jMdVWxfAatYZNKlEmmP41aHpxvPe3TyTHQs9W1:fu9WkQAdoxIaOrRP41aHXGjNsk1

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4482

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1eb292e5215c6811f27601660c7923c5

SHA1
929e76caa16d85d4627dd72058c5a151ce4fce7b

SHA256
a01852e3a82104ec02fc47ad68fee4b9346c7b461b95d8230a5f17223bff820e

SHA512
c3709f768ff237a3b15ce5190e2cbd7f14ad20d5462b0da26de52bd9a61fffb73477356a5f7ef6efaef53c019c8c1c953b419f469fa7ca6a5cd95ab31def762b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
28ec1b6be16586c6956b0d0dc2dfabde

SHA1
81ed0fdd815b1b701589bc5c914c6214faaea69e

SHA256
b5a19dc209f31b7fe98eca2209710d77909ee9766410726370f8c4c0fc42581c

SHA512
62ae39783baf9bebcdf25c3dee907c9024d930b2ac39b97a859b11b9a5137588f9cdcedd06eae2d4f52f76f536aa280455b909211d99011765d27b5f78fe554c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d45fc755f5ffc25fcc4e327e6ed8d33d

SHA1
381844c1cf30ed9f8758b565758dcbc2ccba1699

SHA256
3248c6be1c16329578d17cb8192ee0a20fd645bcf14fbbeabe3b92b74de0e65d

SHA512
6a5c5fdc7940f12f8b0ab062c170d022efb1c05f6fcd0010563fe05ce92cf44e7a9b538247b85ff0bd1a3700f8d626fc0ba894e5a5ea4d7ee0aaa6c63d99ecbc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4f3d6cee15d8fa54c199e8a4b3154ada

SHA1
e092089ab6fc1eea62cc8ab7ee495a33c5ff90ca

SHA256
3dc8429b1295054020b6f5f91bb74ef1e3a30f49e2d7bbd529f133bfc196b927

SHA512
0250b85c9faf727833df0466e026417eec0ac2ff19368bfd761c697216c8bfd80c41a9ca2460d316dcfcee10b18f61e08e7550487d06af4bafd8b77cd8817a8c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2d0981f24ff22da72218cd5e05af4ea2

SHA1
56f63fcc8df12016103a9e01822c8da0900b8fea

SHA256
588775ba34512dd5c1b10fbdfaf7ebfb7aafc0d385b43644c8d71b71c7daaf5b

SHA512
0503f5fe23ce1f63ecae36133c68e15b40fbdf63e532df1708cb6ef3139b75126cca75b5f4bd810077c4ae2dacf560ab3460ed871a7f5cfaf28d6d55233c1605

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
462e14629df9220de4dc0aa532a3bbe1

SHA1
9a61212795d3938fa3bd063f8ad035ebc2ab7680

SHA256
eb412386d7c515d0c94ebd43ee914224ddd4697953fc851e8616dbdfbea1b802

SHA512
303abfc059f6fecb06e06381cd490d504285dadaf09442daef35f427842e8f837fef26498070cc3968f90041acff829ce3f5a30c6593c3634580c70396f227f3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e5c80a00850793533aa2f3e031b2a544

SHA1
99374655fdb5ae8b5625e665381b475743269da7

SHA256
ca5fa38bf67ab9850c179db073f1d3cdde808a9ee83f8a3d267b3cff8609678d

SHA512
6bfc48f4d513c9f6603401ce7f8b224e28a66c4b757699e1024d6ec43468861e27d75e364a7016748ec67c57c8b895c7176a2e13bdc01ab69e3e50c685776139

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f5f70012ade06f37be8a35daddabe07b

SHA1
e7bc53b3578b8069f4b62df316053d7ab8647e43

SHA256
439057454f2609410825078c871a82af51c8ced01e38d97c08c66180e6b445cc

SHA512
379cbee238522f249d8424ec0262715246391c7e1c10a624e8fa534085c198575b3e3866d2ec66366804e413833dc0ed7296255b32ab7c87a6a8fcd2255770b6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e5f79eee67593c401aa8714190674975

SHA1
dc279112847dc09aa1e5534fde4768ebc8d87f9b

SHA256
400fa140e6ca7208477636104ea0abc19dda9cbb6372b24cdd1624acc991ce4f

SHA512
653af3c0a5a5fa4561e2ffc0e82bdc6ad1f9127fbd5358548ad4c2341e9edba4ff7c1ae0ce728c75710b5b95e0060fe9e4d398cb8fa8b9ce900798119a9a5c28

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9c384692b58a993baf99cda8df43fbf4

SHA1
f64292dcd0c8f2b104d03e2a85c588b5058b4406

SHA256
e1545c936725ae5645d19e1658a91fd139378cb4967a00d741f0bfb0acd49b5d

SHA512
c7c3caf8cde5ad40aa6e0156a2bbacb9d3e5c631c917a2e3151706e0ee618bc4f09842adf467cbe3d5bfa204ca0b758a0c9d5bd78a62e48b556a465e94f50698

Download Submit
/data/data/X.God.X/files/PersistedInstallation6026821881065189538tmp

Filesize
90B

MD5
7c39499b854ebf1f810e9badacaac3fc

SHA1
cb60cd07928f00bed5126fbe25aeb4449966f638

SHA256
474afcaa3081335abe0495e666de03a285ad21b3ccd43d5221de3d49100ad75b

SHA512
7552ec8de9f64b4e43ef5606bd12e445b820ab003723fda092d968a508df5fbfe7e34ca73996c62ba5664665089f6ae4b3ca4bbc6c46b1d021427a7f4287dce6

Download Submit
/data/data/X.God.X/files/PersistedInstallation8551548622546150784tmp

Filesize
566B

MD5
9bd478b9091b6a43c67d31f303b12ddb

SHA1
7a747ab14ee6fcc8145860ebf6a9d191d7651e31

SHA256
6ee8b20d96910090b3a7aa9de0191e586f2480d0cc310c81c228c6ea733fdc86

SHA512
0a4762806dc7eb77969d9c03651925bc4a777332a584c847a5c24424e997b2a4c7fbf2d5fb1d02e378b5b0ae1cd275f182ad0b48adf92d49c830b756e077bc01

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads