19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
20s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
25-08-2024 00:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adl.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4509

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
af50abce1b92e14c4b52538e18557505

SHA1
3b46b9091731574ec001437480faf1ad4040e611

SHA256
66c52783bdef14689f64f783b5ff170b26c91207f98bea57dbeb3063222c05ae

SHA512
f23c38570d78879531f135e65bb92a9a9cba7e8ff03d71bf55f4337723d072c5e7fe1e1170f2c2766784b18bbc373ccfcc3458639c646673b813302762b4f9d1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
19ac21d2eca69f5526424197cd574406

SHA1
fcb401b62564da79184d62f7f50054124b8ae94b

SHA256
1aa7c33c795ed88ec4a13985426b6c94e39a2e5583c08dd0bd04e2c898245399

SHA512
befaa45a0704b7de46a23201826ffa977ec9f534ea25f33b070a8258a6f79ef932313fea358c168db0a8554a44b7769551970f9f523ca9648952c5f9bb4f910a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b675a211c5b7101e1f7400f4291ccb83

SHA1
9d5b5fe20d39c1c31c47d354cbb266df3e0919c7

SHA256
ca0aca0960c7f6c372061a57e8f001463ca5f9795c2669c73151651220de70e4

SHA512
adbb7aff6a78a39af3c99951b373ec5b2dad026d4e8f3072426cdf0e695f0f7849ea9977d5f5ba7da19883f9ab00d8ce08052536c78e09c638639e8158e1b623

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5d3eb2e85203f7f85921855cc5875eef

SHA1
38433c9f1e3bc11735242712fe0847bf11c25f09

SHA256
0fd567530199295d93cb205822f54df21d52b61141d55383e7ec5d241bc2cc6d

SHA512
8d4022df657bc7e5a31634ae48b83846f526593042a79d1c08e32cf0affa163308d0bba9e4d33dd2bab5bc00d845e1c19e1b8c64d730b89c217f39e11df54ea2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
de469a9a95c7914fdd735873ad4b2388

SHA1
a08e191f4ec90260bf257171755b4436a401cae7

SHA256
2cdd8b6513a553c57e8e8cb5e26fc5e7fec69260a4b5f7b72dd628c025feaf25

SHA512
6571b10cc0c25866a8e640e3a948fc5cf5f1b5cc6b14e0966313b8b1890d7e4e6e83e3c1ceac46dccf2f5e7277bb58bb0178b85036cd33062d9c20ea1295f772

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9b542b3737bf96591efea1191c02345b

SHA1
b1666e2f709b8653eae3105704fc55728d8ab8e1

SHA256
7bc2a30098640ff93ae685083dae620f4260875738dd27d27376c2eb518b92f2

SHA512
5e50920c4b98bb57ac62ef270e4ed6c411ef8a5ae2bd37040a3cc9d24123a425f23e3b2055f9fee96e635623e7801f31579ccc7f99dbce9182056a41ed8af0b6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
95c9c65acb2b09a1fc040f164b217b05

SHA1
69dfad76a776ff7a1ed7b8ec45d321bf9945d201

SHA256
40506072d681bdc0dc04ff48c468695a5004d1d07d45214b3a15eb2b9e37d74f

SHA512
dc143179272c6d208a4ebe20bc8fcab9fafe9e2f1ebf5a2265fc0ea036a83b509dfb89a9de7df24053afb34e2747a7ba0b29ea2c4d888fcaa76dc3df08027948

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6978391dddfd5da5f0e7bff11268e97a

SHA1
6e78b327dcff46ba9d78ab2a9d7ca73d5ab003e2

SHA256
b58f425d1ad359eb38c6758da4ef095054f9333850714b057a4694390557241f

SHA512
55fe3ab0ab927bedb0eeab6b12200291d7ae0876e475169add42e4a1fbc6d2103b0c434b0c22101629bce0a3ab082b429a3088036b98ebbbb5e66945ba9273c6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
9a106cd4f8de5a42d4cff496bfbe794a

SHA1
ad600be1d11ad966e5165461157ae524560c9e1d

SHA256
c2c67fe970d9b068c605ea6052c1ecf05abf83b878ae9a6ca91138775483d713

SHA512
47115ad1070afd7f66a4f8f9e76ed5b83daa41bbb80d20de23e1f66f19c4d3c09f38798f0b8c47c5a46f75b88568cbe032f1f4a6a867fd44ada8703373420d01

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
57cf344fa586d64ca126fed40cb1cb31

SHA1
74695086b1e7de40284a683cc1c0a41c20e39856

SHA256
761bd6f905b09a2a1a6d86d6a242a6b0f4ac122f5615def357a6d19299a0ae54

SHA512
991eb28f76dd6db735d5080ed6366952296f17135989020bd5fa878e25b9dd8db7266c2dd6eacc601f6be5a8bfb6ca5f9866f741944a8ff7fc55117a7ccd56b6

Download Submit
/data/data/X.God.X/files/PersistedInstallation2581960193538167685tmp

Filesize
90B

MD5
a47d3789ba10c88bf2af3bbd4da63877

SHA1
5404e3ef20fcc73d722c12220d3b312ce4fa7ae8

SHA256
fb6fb05101ac0238f5131577aa8eb23b651782619de82a5695448015c28ff975

SHA512
b5958348e111ccdd4497fbc1417bab73e7690cba2d56ff576f920e022373df4e4b1f3b5d0130b11e6b91f6550bd436463c76e41ea412fcc74e3faa7e51c461eb

Download Submit
/data/data/X.God.X/files/PersistedInstallation3135111459949796869tmp

Filesize
570B

MD5
fe05e2b90ce685d54e4327ebffd94de5

SHA1
0631bb3782a8dbeadbde6ff30a3c8cedf15e2b10

SHA256
97a18ed51dd56921024b3b2a4fb21d65b6bdb5461c5fed992359787efe08ce33

SHA512
e4ff04f96d8e08caf20725f24a60a2f8e848729cdcea95316298c5648d171a737cecb56686cbb88f29cfd4cc79af7ed7dfe28b63b63e5e3b1b7612dac9f909dc

Download Submit