19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
19s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25-08-2024 00:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adl.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b4cb82b1684b9285976c5b9afc6e3e3f

SHA1
0edc3e9b73a7bf6cef4011de04a8bf6622229b21

SHA256
ab31beed9930b3773ff7e4f64e17c340c9ddac0d4185c26001eabf0becf6cb69

SHA512
4884f213c038d18915763b9deb5c711dabfdc4ac7cbdb536a0cec50646941092c72e13b47eb17a0f509b5f1375c9dcf9064bbd10e2d6c5d92ab676486d0ddb86

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
42c7eedf13efa898992b759dbe4c0a26

SHA1
bd5ac8f1e3eaf2eb01416bfb9e8dd1d22734e119

SHA256
a60c3707157a60c59c4a2ac323b4ae8fcaf131431a49eec48297e8bf65ccfb0f

SHA512
f03384b853526f5644a23bb291902152753c282c3ff22d6d28b23e9cb459f5022d8160334f301d9438376349c66b30918e9c2135a3e6b68241ee4b27d33fdfc4

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1d96883070ab00163e139dbc0f3692af

SHA1
e09b498b23abd0799153d5e1f49696bb075a9b57

SHA256
377c1fcb6038c5650825b42fce50126fbd193985ee04777e2937b24ade5d51f1

SHA512
bdf0f582894975f5f4837de30ccdd618a98f3c79825f70924055e8911848a11803d8ff6d7ed9bd91fd283b7d96993de12b0e0def7d2dbe83c5308ccaad30e5f8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
86a80514f0168c2dd597110a0fb717ec

SHA1
59b3eebe5c9c9896474dd78da6623c343daf7d94

SHA256
569c19ff775c85c52761306818ab77f82688d34f2e248b70ba42420ec83552ac

SHA512
712a2064242256f7e33cac45b0d12a38a5872a6809d07001954440392205e2deaecab8332084b6290e9eac2465ee52c6583e6d50344e5da4bdd0e1a59b54a955

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8c3982c31f940a4c9fd07796cf09a15d

SHA1
be927a2da0508582d364c05eb1e557f1f2daaa73

SHA256
0e0ba0a63748c4b64b5209d2b2b5b12cea39245d82af25a9e4d7663df97f56e8

SHA512
d7e947c8240ebc630f6d19086ac47f70f8827fb7f0a6b8e5509cc1545751edec4d812cc7c7c42e3a698c4985e402fe5fcb8340bc409616631c08053afc188587

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1841b8fb3dab3e3cf091867bce80a654

SHA1
d7c7c8586f51d72dd432b0bf600eb2aaf579de1e

SHA256
7646941139d8b1abb87d3fd6e615e11179e2302cf1c705cb2ab55e6d7274e7e0

SHA512
49c01a3eadec7c5b712cddd693e22ed0135f5bad939ecd4c1ad836d88b5aec4875ff914d40f95da61fec38dcdd7aa21fb67e684f6f0716702a9ff993caa35f74

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e8b628d2ec1db51622ae2b82a99fb248

SHA1
255db5a39efb9c6368a965cfa2fc98323c909e27

SHA256
7a429fba704ecd25d7a139d6667d7b21cdef6f81d59591ed5349a7b3ff7c5a67

SHA512
56dcd5e6e069411156afa3a1a7c564740fc326757d60fdde737eb1a3cdcb46209deded2cc60928a29065f8a5a1ae830a1f049ab07e847917fb50e9c12011a7c3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
90986caafba98bd3b03e805a5fc99f12

SHA1
8c09817beaa1f005a28ed80489c1ca309325d259

SHA256
c91af20c18512697284ddb76c2adadcf366a8c4a53550442016f7100a680f8bb

SHA512
ec6ab9dbfe33b4aa557170ae1111e69d1a666cc4f43ef0838523f302021593339ad092503b20576ba23a4c56d7305f258b98b76c582188a49a28f3391d442852

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d2c05d3ff5bb9f045828ebcc917bf1e8

SHA1
a48612ee633dd519c2e431cd1dd13135d0981694

SHA256
645e6eb2f377a259efeee911d63f400769b486ac17b05057a40e5f7239fa72d8

SHA512
8ef576c29861ecbc777646df4c02db45e3222f40af6fcd6916e4cb439dd41088cecc96c7445627232d7bb1956760e86ce9ba33b74c80f25d4f966e11caa9488e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
be965ce2722c79ab40a7930f6c99ce80

SHA1
7a1c4ece1ac45acad04d5a6f36b8b4b748f78da3

SHA256
7436c666f622fc49afd3ecf09530a28bd66344ad9506f67d95b4c4e497e30b9b

SHA512
1f52eb88605666113792e87e154305ac99b5bbe7c2a3d91e3cd5aa3dd42be35201c03bdf8c3079133fa4e534bb1f1f0fb87cadcb950ae1a61223619591003196

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2aa2eb85dfae65d0a5a6c2698129c6b5

SHA1
8011d9cd64aaf052a80efff78bf283ff7d351c71

SHA256
8c3ed0b000979c9aad47a173b8089fac7aaba60dc1f24986ea087c5b1848d4b2

SHA512
c3f9a057298b027a2d9f0659ffdf832cc702183918d7bd645f0e84de80c98207a0be5ac7e215691001143eafc6d3b620b2aa9bb0e46021e77da0dc1b4f9bb392

Download Submit
/data/data/X.God.X/files/PersistedInstallation2317562762904590207tmp

Filesize
90B

MD5
80f9ced81d35b9344dfd6ae2c4c3e2ff

SHA1
9e444dec232dc9258e1ffa78badeaa477636cebc

SHA256
fcd72340353f4ed11bcc8d4f92ab10bef9de805b245632f416947c9a487e4b68

SHA512
5f8f0781f81dbc1009e763abecb5342821419de8ec7483ecb46817eb75f322d2ce4eccd2b87d77622296c48b4aa13f66e793c2b3474f2564b474da035651a9e5

Download Submit
/data/data/X.God.X/files/PersistedInstallation790467483503614401tmp

Filesize
569B

MD5
833cec78e654341d8211883c7448bb41

SHA1
605f5b31ae23fb1af320cbd99bd0f6253855e457

SHA256
c0fb06e8fdf1ac4be4593942186675f858f9ba45c7942fa9b371f99f60039356

SHA512
1b5043325c4eea8fdd30dd45b96e4896009b12f453c992b506e4d3cacc2861bdd4459804bb5629443e4b1396c134d6d0833f39e3653e33ff54c42186f6ebe6b6

Download Submit