19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
19s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26-08-2024 15:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

X.God.X

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

X.God.X

description ioc process

Framework service call android.app.IActivityManager.registerReceiver X.God.X
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	X.God.X

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cd3e21b6913de650dcdce2267b1e9d34

SHA1
aee8f8c496378b8cf921d473eaa67d14358fd76e

SHA256
3c788324b02104b151beaa3bf91166ebcfa8d0d57377d4551da944c1d9cc07a0

SHA512
b43bfa6a4f4458aaca52bff32e7079e91cf3b607f2759544002ab636e744e39e85208c2573b00d036ee513c5684b7bf6d660df7801ccff76ad5e5b1fa27aca5e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
985014c1db98dc6d1f950f20b512d230

SHA1
93afd9d1d6ae1f6824ff8e6f0f0e21ca0806c79d

SHA256
adaed73bbc174109bb5b9421d946f5205356d842bc93b57b82083f6db0ae63fc

SHA512
8a771d7de5903ffce0a0f48ff6b926d4c327168785ae533c36a272b43a9fb3256085a3e56eb3b2c2437d1d91a6d2ed1bf1fe9c05759bca0a6098f329d440265e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fa6e4e5a2e293d1cbe81372f70ce0e04

SHA1
07aaa1388abd3121a56c6d2f5c1fc957864c1b4f

SHA256
096de785d647c06f866f8aca04037ddb7b785c4220d435bf1ff722b7fa369451

SHA512
dd29c40b3767d9133c5103a4facc82945401aad993755cd440081e09c436872f1d7ec7fc99a447c0b74d8897bd9900e2d5d350e68018aab08d0af4fca76d1998

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3428e78ef2c28b245b8f7f05c2f4b7c4

SHA1
0a415bf4e40d6db4eba18b8c56b36cd9a70fb028

SHA256
324fc5c51ccc1835151107a06c70adbeba0402b02a75f46895dc413c24b34959

SHA512
ef631c37c67b4679b170a8c00354fd0817e84f0bf221edf208681aa6b8a8b9e6541e93a4b44fe49b52c1d4efc5c4443cc0d04ec24b3a46a3d1a89f7275fb164f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ddd3c2560bab5a34115208bc29937624

SHA1
23aa2ff16b1488c4385e24db24534f27c914b54d

SHA256
a9fc754c50b592972762565ea83bb9f36c7bda1e302302f52157280653fd2024

SHA512
94279a1bb9b906b156bc3a899036935d2b0fa56dae70f6403d0d24d834ace32ee55abd0fc117b17aaab3dacd60cdf360a914d494621b749a74daff34fabc95fe

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
00e3e648870af20652901044e957bb13

SHA1
a1d850ee76f1ab65e21c0574ad55b92319e73bc7

SHA256
c2f8c9f7cdf46a1baadbfbe763cf558811881a8e0e300d2c7975042c87d19a3a

SHA512
d82696e099237beb14935240863acf587943bcec17b3df5eba0bf02f03c1a2db07b0d0a4634592642b8207076064a91cd7d5af6c59bf13573b929188712fbe9f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c811532c4a431f74fcd900dda9479946

SHA1
bebdc0ff45af52db30aa6d7db6f4ce79b977a5f6

SHA256
2147d7e679ab034faec3d14a54229efb1f2035f3c175dbbc4d520a355a61f6fe

SHA512
9a0886902886bf826da26993eff3afe1806988e08ef243b4453f2d099328d8eb5bad37ff6f4d33a979f80399e66c20e1b45a4fb5f03514505fe6b914df7e570d

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
60aee7961fb90b207f87bac453289335

SHA1
0f2c07f5840d9675feca8e4b034c18708365b733

SHA256
f9a847cdac0183a0bd21e58e1bf0569d32d7748411b4079792536fd366a35894

SHA512
7eecfa00c048259910c3ef01266fba751d4054b27d2f17db54f212703be153c6cfd4f4d23edae3110543755543317e3e2ef2e0b3eee89b929bbd9fa0ebe69ac3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
935f67d2750054cf045e8ba662387f23

SHA1
ccfa938ebc4a2af138711ef3e418d65bbaba6906

SHA256
725a4827b3c423874be34f494efe4be624fe806da2969678bcebcfe92a84fba1

SHA512
6af7fbf664669c475320904aafa7eb76f3623e5e61510ff7b1535b09cc0d203daa7391217875dc4b43f9bfd5cbd2b1b1158dbe7a257ab615759c6a5dc827cd59

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b6cef4ee6303ea80d9d4ef516d590b8f

SHA1
c54b4ea8bd586282d9ea14d918490e8f8fd72694

SHA256
49f4d2142238c97c9f33eabca5341d54fce63ec8fe1871c01ab070c95bc6e394

SHA512
7501480d1839f9d47989c77c96ab5d611106b58fc08aaf89ac5f8ca22ad1183b16fd29b4f8c32f6564f2778e7023084af99bb7a13322ea01e0b3e8e5f2b2d8d2

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
76f8de3e3ea0e3f0acfd409a2deaf36f

SHA1
4ca0a632f29876759a6f302a27b6e042720928b0

SHA256
4365227366cebbd11a71e56289817655660b2fc896af430a66790a9d22958092

SHA512
d8c980634b5dea1d2b1bac9052f7bd720fb64150e5b66849d6fba4645c8bee179a455ced6f70884106daeecf3a9954f8feabd5de1a64c89c094f7da5d0595eb3

Download Submit
/data/data/X.God.X/files/PersistedInstallation4784604170062909465tmp

Filesize
90B

MD5
4268874075565644356d0569fdd8af19

SHA1
52c70c269dbf0c498196917b6e9b365f0069fb1b

SHA256
499e1bf20e2d4f576a59355be654d8cb92854424721dd99be1454e551417a653

SHA512
d850ecfd2099d170f27a8f854968dae48c8a7d65444d54fefb9508b7a319239f2bc3d72c03b23407d70ddbcfc5e83a27e760e4631afc9946999ace275af39b58

Download Submit
/data/data/X.God.X/files/PersistedInstallation9175549125434759951tmp

Filesize
566B

MD5
7f349a7c6f4de9981ba266d3df1eda50

SHA1
458bfe80361171c0428695f64b0af4d94c7e092b

SHA256
e37ca1d95943f3ce25a81c73d986493c6e3e6d1c93b08ece04043c6a3df0ff95

SHA512
01b919d32c9817178ceb39dfad80e60d40b12f90ae05bdaf7a89db11a09dfaeb33a7fb796849163db542745e7febaa94f9c4294a3f5ce51b75d2f3ed2250e1b4

Download Submit