464c736df632c2aaabc3be139cee8784daf74d363752363061235585d985ff60

Analysis

max time kernel
47s
max time network
180s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
24-08-2024 14:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

12a7837bc99946ce9d24dfffaffb3e16
SHA1

2684184514239d29ac2724a019f64f1a9ac81644
SHA256

464c736df632c2aaabc3be139cee8784daf74d363752363061235585d985ff60
SHA512

b1b8b11a06fcc8bc006c472a383e0727deb2b25c077b85269df78924c301c42bd63d679db2e26d41396b0894694c492fd78ed4abe3f01ec685f876b5d557c7ba
SSDEEP

49152:6Tbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv+R/V:6Hy0mqTy2UU8ViQv+Mt54CjRFTeMv2V

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5062

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
442e7ed5987a4f43880ceae0cf4bc0ae

SHA1
8528feaa9a2def4649bf20bd9577da6a397dc857

SHA256
a3783601c442ebac3a6970e8a47c04768eaae087229be1a34098c762aafe96b3

SHA512
689b34ef7bc0ed44c346bf19171fb2a7cfe1c913d5d178ed91521ee1043872b34b88812ff19fc0708b6050968e6970259a6bd814cf6e4cf5098eeffab8b11509

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9dc9e57fa0f5e5f3b368e76c81cb396a

SHA1
ddf7b4dcec3fc3d532af612afc6a09b49b21644e

SHA256
c266ebb48476b45e690b1bf910a535a08a177bdcde65d1c809eafe1594125f25

SHA512
3f7a2b7679a7f269aa0b42c2f25c4af81a3e0a129b52df26e9dfd8694fff615822f17153893854361a877d1711f710c1f69394d87cb4072e107be05ab08a2569

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7f1459169e0a3f1ede64bcd84491bb18

SHA1
0e8c008b11fb1ffe71ce2ff24b93bb7e263a53c3

SHA256
3ef59c905c13892e7e0ea6934dc8c395544e1358421a769c4012d88a25c8c940

SHA512
8b3bb45903df434f6ec926c74c6fbddff02913c3636e1833290768d6aa484aef899fb7a379accf4281ec8ca36c205f5c575f80b09097e3b19102ba03b6d4caeb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b9981698e4431a5d17217a737da50555

SHA1
31bf37ed6057398ea2e5532a401b313e229b35fa

SHA256
57af345d7f27d27fe7d238c2d6106b083cce88481f708b758fac1b84ba78f8fd

SHA512
cfc2491479bc90e0b4e49c4eda4f88d4d607d2ee61f703dfed0e90759c10cb316839a266cc87b4746cb42f1529ade086cab1d52afddadc4e3f833cd653cbba07

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
baf65425928b61b141b5a625b2d3df7f

SHA1
17c9cce86fe47213f42344b8382fe0f4d19b135b

SHA256
c4766c02d3a2e54126c5699ee55a75b23bca7fa55696ab7295be737db9caffca

SHA512
bfb8f544df666dda056aeeab3c940a127058a5d72e573a5b293162fcf6de0c103c8095b87090fa9707e4a3c557dd0feda16ab3737d1bc46892edf0c3545aaefa

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
63457f49f2bfe75a943d8d6a3ec90974

SHA1
c0438bdea33e5dd85c169946cac5453836c1bb4d

SHA256
5008690fc7a9f6d55d9ab88c1a0e6f80e54548f09c42d71a73442320e0d66b86

SHA512
d7fc61858abc495ab1474f33372c074830a2934cf7f22d07487289c978606894251d7b6a384b76e258ee0646a994e031d268cd5ede027674f628940acbb240ff

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1e6c7fab569a1755b008310e90575340

SHA1
2ce35f0c3d2c1b1e361183649c39c172b608a29d

SHA256
a71421e972c147b1d24e7e88a3a2d1456c7132bc53359140d550b2d3269613be

SHA512
02f8a8e918a60a66c5992783d8bc9e9379de5263eb4a16d582ac560465bf9cda523a20d35b6fa3a6e30f67035202e4715faa3150a2ab9360694460779448dc5e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c90befa125aa19284590a2864015806b

SHA1
6db470a290cdf49b5a670db9a476472606ec3874

SHA256
c75fcbad06f1dbcdb0b8363dfc97e3978065ca366664ec2e2000238346dda355

SHA512
ad82b106468d95b78957a11cd6bdd7977c65f0d03f4423fd0d4ca9d9476fcd2acb0368d53ecd4acbf6bfc397d675546293a6af431edf9b8999c221be72c47f63

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2375f478bfe4d04c2a4f128888bd8b24

SHA1
2c9edfe583abfb4b03db157c9d264577e7da974d

SHA256
60c1e164f6756d7a9d7b320b0e15752907a288b1f6f293f39d3de12649c945ff

SHA512
10447b5ae8ea7095e9523a9b9631f0317615471c273ca6b740f34207162e7b645a374c4e67b931f7dc61aa89ab9d6211d5db883d8e0c5e09536e887c251b6d35

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8d1fd8d50d986ef6f62378369920e408

SHA1
0052eabcfe563287278f47a7d8059032110b33bc

SHA256
ed50c0690a13bbe40474cb4987823e3b8d0ada9db581643b84c5ac3250954964

SHA512
e1c554009f0f5c358b6f01303c5614159a176a5d88695a715618b1cedab1fda451ab057979233950e4ffd453478afe4aeee1f7c4bdb51da61c7588f7921f02bf

Download Submit
/data/data/X.God.X/files/PersistedInstallation6826538104455417663tmp

Filesize
569B

MD5
186df757855772064cc0272fd9d72cdc

SHA1
91e7dfe673673a53dddb4104b6d4e3d544100676

SHA256
ca29644843c329639c9d65ad9fdb101c371b2e5d85d30a174f76530f5bedc2c3

SHA512
b2a03473337616b88778174f8d8b87159f8877629962fc45800befa6efb71d25c8471aa6d76f9a308f7c804509da031e8df2ff828ad1d3be404fb0185667175b

Download Submit
/data/data/X.God.X/files/PersistedInstallation7899501795823737470tmp

Filesize
90B

MD5
1bacf2188333e773d0043fd0ada8610d

SHA1
2daf3cb769c763a927ebf186e0062aeea145503f

SHA256
88fd0cdd16e174b7123cf42d7c60523af0aafa144265ba87b87ad10b6b7d6566

SHA512
ab3571a781b366f0c200875868082ce42c8bd76bf88efb7db6d531ae3f1d410adb52fc779e92f73d335b2dea1fa3f8600127dfe604f2a125e5f71d90f057c123

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads