19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
20s
max time network
169s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26-08-2024 01:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c1da09bd32ec3c98fe23a900b017219d

SHA1
6d293afb796144c7042edaf332b036064a73ed4a

SHA256
560bb2bf23ce18f0ffb861d01d2e4b0563184a87ab2938dc3559cbdd6df6692c

SHA512
2e150b6351df224fbc4e875648c66e2bfb6c7acc305e8c4f1e12d701a6d1dc97d65981e6f6d867d88f14288d838f11a38cfd6f897fae4d5fefd82bd5cb605b06

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a55054a66bb4eb616d4a38b8a800882e

SHA1
530d552db2ad3d345f2bc803612aae4c2c45f8b6

SHA256
ae9119128c97b9689a73203e8a7a5a2dfcd57e0debe3c753cb2dfa03cc7e49a9

SHA512
255fc06b26a2731243e9e7532f7d609c6059511a886ee3535d6abe982c0da391424dd3e87e2ad3e158247fdc5c790584c8c0325b9457901d9ea65e78db63a871

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9a8eda171eb74e4836cede9089ee1a00

SHA1
7c2d330cd9d52822769996e6a59c72703d9b2023

SHA256
83eec615e1ff7cb597085cab601e24f628d2be94acd8745ddd05da9aee87ea4b

SHA512
71cc040fdaf97f1b280a3b28c3c8125a8ef867f3ed5c0d02c61e36c034e8079ae5f5322d63508f9dbe987a03f83ac14807bfd5371e3f044ef6cceb005e195d8c

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a6f83891cf7f522f994f9aab461a1d42

SHA1
ddd3ca4171d0927ab5561b26ad0bd716d780fc57

SHA256
ca41935a89292cd68637647b9e61c6d10a59f3124305d9534ba4b28febcfac8e

SHA512
142cc6b3f4061d28849350137707742278a885a044b6323d36b53e9ac416c5dd1aa8995fc6a6b0989b5735c4c08352017f696db49d335cf4073230e7994e611a

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
391dfa1753f0b238000986d6d742190a

SHA1
16ec72522652eca8d634699cabe2c64414935a13

SHA256
8216d3a5ced0988e96b5750601662f93b7411b687904ddaa12187e3493524e11

SHA512
b765ec0ae255436a4387856c87267fda0e0e198d8c526622b9055e17a6527739603ca8658e2e8065b0561de26cb67d98106ae05fd82688a8b4337191df5c67ce

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a45054dab3ad5f556a824c29d3bb682a

SHA1
8322b4001ce6b9c4efda6bf9f337ca7ba42498bd

SHA256
db928fccdafe681a1eb5919eff689aa982c332482d2268cacbacdccb8f39ddd4

SHA512
0025bd7aca22f760ca058e9a7817844d86e50a6b5ccdebac7e287c570d1082448dadb1f4a71f5ae63a91596b5576372160e210763198f18cb258ac834ee08489

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
51ab9b93cec0f017eb0809400b869493

SHA1
743cd576b95fef7eb5ced8185d1760aeab609063

SHA256
26bd5b13d28793cac0a5a6372f8395283ed25039e4c3e77b606edbd2daf9105f

SHA512
f03f0cf072baa4c812c8503d0643d3d1edb0943dd85329159f2f70149ab083f6537cddcf36c65f011bdfa9ea4e36db589359428a60c46398c3f0f9d764cdf913

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1360057c74650a890788f39169347615

SHA1
d90beeb7e7b12725a02ed03fd862b97b508de3ff

SHA256
c52a8761d867b0cf9246098e037f7f13b4a804ec6d8e2e043f436c7920dc2dd0

SHA512
37b379af8d6e3d5a014f71d43a82229d62b287e901b077d3a0b13b7a391c50c49e8e2f706ea59716457139985b9ba226b4f09c881aae98ac1fbd75e425974d47

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
64866621aafbc7969c99343135b91a92

SHA1
6289b37a05470fe1dc37d99cdc153768405eab9f

SHA256
a6c5c234ef300145730a200c7736323fb3ba67d40d9eb92318e8ae4341cbf104

SHA512
575290e4cdcc717796440389ade804a073c44ad576a019a702096806735b574e22d666f5ad3e42f40cd57e97c8bfdb627f12961c2d31676c489de13b96859f45

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a98a2ff6482e1a94da286658dbee7bbc

SHA1
f9e2a463a2e05cce06fae8973ad257403dc61602

SHA256
faac0e9babc7668c6d27984fd3216274f4fa0d91b01c23f69eedefb2475131fc

SHA512
f3b312d0540fa7f164097a9976b4d371f2898b4bf92006539a3eaabae564e6fa3ed9dcb558015f665fe278c9cd4b44e9fc22f8484663a892c88d3fbf166124b1

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
38d2d9703d521bceeb4530f7b9dc4a96

SHA1
c8b2b85a557ea1d890f6085fab25c41ed54e81a0

SHA256
eeeff50859bc665c836bd227e51c6e3e6dd596f4a825e5e7fc7f4a44e20a3087

SHA512
6523c7d09c8ccfe18a39cf6b9843165c262310a49a0d4d2eeb742925f59512d3990e5cca6f57571360f9881b11c9d0cc7b71ad1c8d34bc62b6e10189da819fea

Download Submit
/data/data/X.God.X/files/PersistedInstallation2064066581292460511tmp

Filesize
90B

MD5
f1b7257f737c1593a8defcf10423207d

SHA1
816ba2ce520f8db9444cc978efb38951bf2b5efe

SHA256
bbc75f682b2a7d7851b8f245eb378c73111fb0646fd6d5b528e639ca070de7bb

SHA512
9ae9d9c1fb592a45dcf51cc3b90065f68203efea8c338e75f3dc4b38c88afbb6ae949428a7e33911a599bb2410fee62793d662d7a61336a9a24bbb1a44a40bf2

Download Submit
/data/data/X.God.X/files/PersistedInstallation8908419383314553472tmp

Filesize
568B

MD5
2deb2c1c38d34ea30d0acdaf1c4bdcad

SHA1
59321155c33e3fc598631d36038051a68d953bf1

SHA256
3d2399963728436d0a340dbb18c1f70a57c87580b93c15a5f52b7db9a6281136

SHA512
0e52ec3d0f7e42b758121de2327b7bd5e01d4aac9c11afd730667f5b42b996a3308d6e09d9e4e181cf2cf74d99712a5d78b53d185e581533624ba3c27be9db7b

Download Submit