d793fe45400bcea8b3f7e0acb6a64eaf3a7ef3f45042bc787aee4469d63bb0b1

Analysis

max time kernel
20s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
24-08-2024 13:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.8MB
MD5

369c156b46407d1c995957540d919557
SHA1

7bebd8b3b5104d1fe2ed39ef60574b58c38f4eee
SHA256

d793fe45400bcea8b3f7e0acb6a64eaf3a7ef3f45042bc787aee4469d63bb0b1
SHA512

94ca26375baaf0fa75f9feec26c188ad410a3a1ac4d33421fff227d8f85be7a898c65346009e90ebfa3b3c96d1026ac7328555df3c1b8c075a5e611cb5c2f47f
SSDEEP

49152:CTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMvP1fX:CHy0mqTy2UU8ViQv+Mt54CjRFTeMvtfX

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4249

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2799e13e13289662dfae5a7be527c9fa

SHA1
87d04c42002b9b0de56e68eb2c730f2979110d62

SHA256
7fb03e1d883086f087aac4cc1298b257a87e4407bc167db8b884bf9597f4d8b1

SHA512
07fa0cc78de9c01671d9a819675944057a2876af20c16491b2cd73ce9eabbbb8470ebbbc8aaadb98aa534a82a39a679b32e587d872f22c881623e9f4a3fdb788

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a9386770c18081f8e624df9619953eaf

SHA1
100203583bceeb89001a07f253e5a0eaf7eeedfa

SHA256
5ca2a929a91036bd80e7f45d9cebd684a64a90f0c07a81d032371afd9d9ddcfc

SHA512
13761c24e91333adc5120f51cdce04b27d03cda8eff66700f769f778c7e8b278afebe0261808d1df5cd7fe827b4d4c31a4f4d6f5ff85e652933bb2d3a796887d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
27ed07bc5c32612a7b2016a478b2b3b3

SHA1
e6a27e4be66ad9a906e21333e80cc6906fee0b9f

SHA256
9e2085a1811b87d20b895dc00e7c810a6e9362dbaff8ecf4136d7ba9dab0d710

SHA512
9560333c6608d7b58f44736898a45861a360930261d954df94d7e13773fef666ef0d704d59d4efeaa13fc4246b730014ae65400788755e535dca435305db2655

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d660be35ab2f5ec917a177e29c0ba42a

SHA1
7b69d1861060559c58e766a551168dd1839da3d0

SHA256
f41214924e686987d0a71d7d7b7a2b64309a7258a902d9dcd94fd0d6eeba630b

SHA512
6e79eaab21195cbbfd9eb73255b86c0551eaaf47b827270dbd9df80157effe2f696bd557b353f6e5a5edf5ac7f9c6e87e1fcf3c2e8dacdafdeb3be4dd51e611a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
48eb4ce4ac2ffc9357bef806b1ea7435

SHA1
0ecd411724bce9f9297fac39d264a8797ea391ee

SHA256
78e2b4131f793bc1a377fe27bd6c237ed0a46596f149fec7ca4d879446de52cf

SHA512
b4a0de787325dc73422a739b5281bfb8d9fb67006432d1dd90edcb9e8d9b3eef9641cbce6ba0fedc13b49fc288887613584eeae23ed4afcae2baf36c608caaba

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e4ef49186109298c722da9e3fa31b571

SHA1
a3e1509a1afc17d873860568bee5f247de9fb4df

SHA256
d24d57f17674bc92fd27fbabc81a9741661826fd59ab6f66b0318e3f81530c6e

SHA512
ea361cb74268c99af9adf4409326782d108f2baf1eb44e74f183bf26d40e75c34154a015a826dd385d294cc465002b6ae914ae217e0ab1dd2d04884d0256b636

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6e0a628d2ab24b62e69a16ca73dbc38e

SHA1
539a13076a4f0c9244456aa1dac7a84deaeda563

SHA256
10a4b757e80de98d5e5dbfa0c55a3da1d5fed473f20859808855562dad17af11

SHA512
e4374a25da10733200f40c1fdd5444feb543e573c9905b2f21479d3267fc8134cbcb33e8d4dff92c0c01e674346aab87a797dc8e2729dba391ccf6f000f69218

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f815ef19d5390f6930e4d1a5176683f0

SHA1
092a8c464d6b8086201664f22d843e852b755a46

SHA256
4285dfa56838c84469423393e4d459e44a032e4377b89cf748bf581cfeb3df85

SHA512
6a1d1a76191d643370dc1289f955e49505ac84d561504edca7e6d4b4066886fe6d9a169d775757951dd3e8b2f3b2019c3aa767e421e5186b816aef9bd9bfc995

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a16919b48b0854a6847f310b17cc9605

SHA1
b3436d71137bfb9390b276866c8dface50b1a97a

SHA256
86a506e957c2b19d297cf2dbe8ebfb1b3c6c2f6b3bf0fb3f956b23107c75b559

SHA512
f64f79ed23017d55ef56e3d59fefb4adefd21cc3ac652b77c270f774806f58552938186e4d5dfa33b9e0fe8cc71dd9fa505cced371ad3b1d7958a6c744fb5d8e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0b130b2b5abf387724d548670084a236

SHA1
4be4fe496ffff15a3c24a28de76ad2259ac7d89b

SHA256
8102457a2283e9ddac9b17d67153249ab0bf0e18a28667fedf3c8cb95ec16be8

SHA512
b79500d6918f7ce4a70cbe2074e20297b4c62b2362329f4e1053f3e72f4b6001703dc565379c1d7b12f1b3a642b694b9554798a6be6bed40ddead235d4bf4cd4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
91f645ed25cafa4221ad840ee31eab76

SHA1
5423c0757fc0b0f9178f878c532e98f6e48f968e

SHA256
2e7d04ac41d7cf5b2646ee1e223e05c1a5053314ea511e7d22504a4315011ec2

SHA512
46c2685dadd50b8d66a595ecc5bbca8f63ed4c6fe37451401a8bf7967579c3dad121eec6ae9133269b5800e48af20719d89d2dee194495189b9a142e9f82e32f

Download Submit
/data/data/X.God.X/files/PersistedInstallation2242984582219589436tmp

Filesize
569B

MD5
0b59d7f33890b18ed35d95496d3cc976

SHA1
cbaf1752245b066bf4853ff5dcbac8549c6ac338

SHA256
7d313d42242ee68764cdda40b328dbb5c192332e50b626ff9472e199edde65eb

SHA512
978c76c57dab6c87b01886d59dc2647ee3112ab44988ec2c14a713fb774dec9a0c28c0a2a7047282dce89f12ceb0ba9fa8e710425bd82b66e063dcf37415c801

Download Submit
/data/data/X.God.X/files/PersistedInstallation6292278964574668498tmp

Filesize
90B

MD5
10453aa7ac5a1c80d2811f3801504b13

SHA1
3a5ddcbcdc28698e4075eedd180a641011bbb0fa

SHA256
0d8148cc25ae71da9685b167272644e34e4e6505c0f7cb0a97532ab7df8577d5

SHA512
d1d2617b7c06f12adffb322b82d217e4ce11356fb0ee2d814f592a20501df64f7fc3083a9899aea371286b8b0b44b44697f7cab7dab6ecb181b02aa8f98b4459

Download Submit