19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
20s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
25-08-2024 00:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adl.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4483

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b8906b2abfa7dcff476d0527575c1650

SHA1
156e8f04380e801cf10dcc458638f6277d7b3d2b

SHA256
a014d7f9751d6d11c71e0c08cbce7939e474ab10d9353dca7d91a4b5864e785b

SHA512
fbe9ee8e5324ef6e3a417b9671ee90dd6add717657f07508c3e62896476f9c0c2733e590377b21167854a6fca129c19fe78d0470766fe42ac5dc05a0286342d5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
746fe35ec5039a895de2679bf4fa9312

SHA1
9e185fc093f5ef4c25e863d653ec9fce745fd33f

SHA256
0f2b5df82d9bdf7580a7ec9d841e5b116af55f6fbf3b56b6f8b8e89cdecfc4c9

SHA512
13baf012ee474564c709a1e74359b972347374edaff77c0c6eaa73dca4abab81709a76c823a01520bd22a6b550f205dec33eacd73629cd5a772e3a248c2a195a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fc9d82d92a96f36e07e3f6d2d648465f

SHA1
1f4365236dc898cc6d5fb6769816b893d0c77b4e

SHA256
6e79c777d3a98d5023bcebe5e4b7f18601c5359f9f27e0ba8cee1abc9e553b59

SHA512
8dae2f5b95ff47d36ad7e887fd3b2e782de334aeec7e1b96e958e8430d95546fe81cab9ebaa5d08284dda33c4ce69b8572696f703033e274a000362f4e9a58ce

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
436e75a397e288ad8b1b724e54b60476

SHA1
75d83e7cc219aa3d55f2f225809a637ddc7baa8b

SHA256
9d5a7319dc4afabc5e1a8a0851ac0c51fd9694a3fb7ff3690fac156fe886e1e7

SHA512
c80daba8382dc0f9584ce8896bc5aea2ccd68b2236a4e4a189ae19a797eaacef8ee9ff3a27b3142ae4dc0b22d30132916e15015013ab681d6893b03b843e4fc7

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
abfa9faaff7a1a594f04b0f9d4e96b18

SHA1
ffef8a86fe5be415e2e083e4d750690fca16a577

SHA256
a0f0860da1326225c95a300f678e427338489327a0e7d41c9966256ade7f5591

SHA512
d1843041c29908fd792fc20c51523f4fe56f59aff50df924ec96e10f4b2227f6fe2f88bd2e2e8cc0f7d47be953d3db1ef28897a09afb8db7a90f3bacfb9c6c8c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3ba07522f4680722a2191f8191cc7a03

SHA1
93703a7dc03bce1b417a6285e203838073f58b22

SHA256
03a1573de7b433879d8f97431491098833df63aeff80db504c8908f234d36697

SHA512
5c134e53c6297cc8b66127fe87a5521f0b3f3676b683c6a8cb2829251f107ac2c4c4c885c24c33cefa1310c2b6c53929358e0420d9f4b212b62a762b523869d0

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4f0490e3b51fabce06e3c110be78a081

SHA1
9b8270a1350e7f49c9fbc7dfbbc390f6e6fac9db

SHA256
033912ffad55b24d2e61b7a2e512f125d79f3244937bd8194de14e5df8934c18

SHA512
97126edae3ab1684b50f0ba1e0e803b2b8d0505d30a3cfc2210fe98d5bf6ebfd0fd646564342456eea39a911d2699ed75104a8c9e034b93da449bcf34f88ddd6

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f2b962376fa880e1738ae36962928474

SHA1
feb97d4ade0fac16147072538b2bede3fabe8e52

SHA256
97aa723d5e0b715d801036f40938c82be8697d2a7dcea6cd15ad68df95bbe49a

SHA512
1812e40e4fe7f81a3c52c3abd96ba552a75aa82b3c6e296c8841b5124d259d5871c73f36485c860d4dd46e83fe3f9f161cd92b7d3ab36b266e93dab78e8e0f88

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
456e1295c5dc2c93c4f63847ed458212

SHA1
867aafc36b8859f53911234cd14545ea9f7b546c

SHA256
11fd1b545e95dcc92674edcda189a9590c14ac75444e5875aa2fc7ec17bdd3a7

SHA512
9cef1dedfc67bd8916c3d6fea8b56284b435d479f9e87cbba984e0430e21de2bd262b00785b1f076844e680526c6db3bc0a1f95898fccff5bb4accbe7c828088

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dfa00fc6ab6493b72fbab4835db51078

SHA1
fbf1855d96a04f0d2eb9e9e2082a21bf8079b72b

SHA256
15ab1cf697f566140e54ee25e360f99f26bf729c5df179387b04b7f21afe125f

SHA512
ca3757f88120ee7554f51029004541a62bddd64c9a61adb97600c23bd10f52d5b0ff6629b900050bcc32a01081d5c4bf174ecf2f641eaa345c0b95c573ade27e

Download Submit
/data/data/X.God.X/files/PersistedInstallation1709262385299380910tmp

Filesize
569B

MD5
03918efb5d117a6e55d4c20b5a46dc79

SHA1
506a01588fd5dfa872980a938f13cf460eb79658

SHA256
8bf812368673dc1a2b358e3c6601d3be375140d765cec6e47975e26b2b25d6eb

SHA512
e66e9fb60127fdf776317a1972dfb0e6bbbffc54b782fb9dec9e8c7c3aabda0f22278a8e93fece244c8ae3a6dcb283292335a9f503d7d0a6e5c1e9e06dc7a0ec

Download Submit
/data/data/X.God.X/files/PersistedInstallation8964984058547688367tmp

Filesize
90B

MD5
0c24c968dca92a083cee82aff77d22c5

SHA1
a5067c825dff573a10939f8519341ba7d6469a09

SHA256
196deada03cb320dd8c2c95529df8a6ff0fa3c6155a5ca824329f9d290142d2e

SHA512
8f422c93c9d59c2e410a90200fd2eb09660f481eb93811ff3d7eb092763b6e619f1c0f36269b5b96e4cee3613d737cf20a3681c567d924d4bc649cc742035cc2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads