19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25

Analysis

max time kernel
71s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
26-08-2024 15:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25.apk
Size

2.8MB
MD5

a9c325de4633252138fb2892717feffd
SHA1

c6e2cecf49e761cae125c8a7f1469535cc71d5a6
SHA256

19390c5069814743cf75a979e733e54846b26c38fef6e6063d2127d8fcd6dc25
SHA512

52a665c9016c4351bb59ef3a215895132d2e879b46cf4d3977bc6ae550a450f65d7860f7d99665d174ef54a5846f81d7ed2269a333290b1617d89b87c8d5e995
SSDEEP

49152:DTbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv0HDHN:DHy0mqTy2UU8ViQv+Mt54CjRFTeMvWHN

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

X.God.X

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener X.God.X
Acquires the wake lock 1 IoCs

Processes:

X.God.X

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock X.God.X
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

X.God.X

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo X.God.X
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

X.God.X

description ioc process

File opened for read /proc/meminfo X.God.X

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	X.God.X

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	X.God.X

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	X.God.X

description	ioc	process
File opened for read	/proc/meminfo	X.God.X

X.God.X
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4440

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
964e33710d12651dab01fa3c42681e6e

SHA1
331bd1761739886b9f587761d37354082ffc3fdc

SHA256
980b9fdb8bdb5fe3ca00e7e28d35fc7494844bd864e892896dbdbd3a6bee81d3

SHA512
8d107d7455e13d726e69c273903511b7073b3cf65e46b35ef0fa0c77998a369364e168b9472d35a067bedeed7eea0a0d7b6545caaa5425e7b2c6ac2483aa4ab5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
382f1a71aa5fffa523b49b49e121f1ef

SHA1
595ffd937e01653acfcd5d47a44f35068c2df8ea

SHA256
031eeb161c8069dbd40ab5d35a2ee427f7cebb1a9cd580e954e0eb8d4e068b2f

SHA512
646ca6e657b78995fb2806d22947ccef8bb5b026aa74789c0bc01bdcacac7aed80197cbf6761ace37ccf19293f6112efce7f018db6ea66fdf38c553932aeb5f5

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f97c95f4fb5169679dd777fdb9a62dc4

SHA1
bd9cc8aabade0a80d86a4765746e7f01f8daf019

SHA256
bb1635596e21fa253d377f44566c6d8706a2f8cefe11726b784e1d0f1a6e911e

SHA512
771ea9020e28b947a1675ffd781b664d148bba9cb685db79e3c1e61e75d881a4febfe939843e40cf87cd30805cac403adf33aa4341dec1243d15eced8cf3a5bc

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c5fbf9fd8901202be43aaeaf5305914b

SHA1
dd9d554d4ad4f494c46c61d9db49daba98795b33

SHA256
8ad33de135e933c02475ae549d3b189b4ea7c661a748da2604c1cf150c66b8d0

SHA512
6542660634e164e15318b6c6ec9efbcd7975286be6ec61625f7b226e9d975c6c7e694b4a0aff32566b66f06a9967d4dbf7d35f3cdd7f739c0e3ce4b0dd7c2217

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c81f5a695d9f91e770dedf283147ceed

SHA1
98745378b8aef366c067076af97f461b48aa1074

SHA256
c649ae66ef279db795aa50231774b17ec5f761f9d92b11faca0a07ae83295cb1

SHA512
64d795860641c4fb797a25a451844fceac0b4af37c70405c71543307b9fe55d3540f1826de3cd340a4ee8c633e4d35c4074955090109d8b032a5ade163731f4f

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6748c428a317c7a953ead6e9fdffdfdf

SHA1
fb2d44428f01e20396a1fe7b298af3a4f8a8e90f

SHA256
0833c3eabba889e319268e9e4295a93439c7c2e5753b3d77bab9f6605bac520c

SHA512
5d0cba15fc4903fcb0544d4cb1f10e8daa3b1255b04d41aa0400ed315e497ecdcf4450406c7bcf3918c21dc78e907b8b2c263c8da88ff5b3fb5a215e7cc312d3

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7877a4b7014769c45a32a9da51715831

SHA1
6fa4ce7fd9b4aae56781f1ea008af88518578d10

SHA256
b15bc01afc25ccc8894bbecd59389f46517c1ce9513058dec98a50649fc5fa7e

SHA512
40198e1bc20202c288a9f0071bc9cf9e1f08669ecfcab60a7da2b5d203d20785997fd4bafe688b149eccc969a34600d486e7753ba3b2dc53fab9032b0f9b8982

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6524c3021c8b31225bfeaebd1818ae44

SHA1
cd204b6ae0a12016670c177f31804b81434f7e61

SHA256
0fb464bd90230b2cacf5c1a94f935d0b0ad89f09545c89bf5640e2985416358a

SHA512
3a232baa2613b99959b73b76e741c45b9c2c262cb02f88260fc69232d5db367d027420d21bced2d9e4561a3e8af4cdd8a87bc8e0ce54dd0ec9b221f6e1c9b477

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
0b2235e7beb549f4ea9b5dd47192803d

SHA1
fe065683f9f2a0b58ee0167581045bfc546fc2a5

SHA256
9eba153886109e391b351ea0769a3570ef6b20f03fa1e7538d8d6f4b93f07b5b

SHA512
f1a44adcaa22891a2a5694c081e8942a1d66de8ba34a487340c9b191aa20889709d7326bea66aea0bed462b87017d2cdd1b3bc9c5ec9a3312ca5e4d71904cc4b

Download Submit
/data/data/X.God.X/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2d8e374f87f24dde06e7486350715929

SHA1
c9a510d4ae857d0fe6b83c0263a97a5e09dd3889

SHA256
f6d3c54bdb312dee148bfba805f776eced7b7468969f37f891b753b6ae0acb0a

SHA512
52ed9d37b4c0a116976b06d69b26aaf277d83d05d2a52b76460feca00262d30c1ef994562456487d0d2f726db6200f70695939ba4db9102f91cec1a6032690d3

Download Submit
/data/data/X.God.X/files/PersistedInstallation1585651242647308994tmp

Filesize
567B

MD5
f0948e155f8125bc1ff975adf3d07419

SHA1
949052d12f49837b4ec977ed47b4c2b3c9b08861

SHA256
7d3d6b63c0c1bbe94054fc6ed4fffab7e46ddafcbc51ab78d5c76cb52b69ac9c

SHA512
333f945906da2d4e7c2676a2c83f737b8c327f88df7ed73bd3ee3337d85ae6b7fd649dfbfd1fe00bde5425b85e6e5642e4c75a1c29615fd0259814a0f69750ce

Download Submit
/data/data/X.God.X/files/PersistedInstallation9116156573093845975tmp

Filesize
90B

MD5
30f87fb5b934a738b34566e2efbbe3e9

SHA1
2bc777dae9ee687a77fddf28556408fa847f6b39

SHA256
a87412d596f8e9a7d0a7d14baafe03196f4cde9f11edc302d070c375821e7595

SHA512
b0c4323ac54c8518c7d255579a95e5ebd6aa0c3e5ac95718b701d82141a8d5dae4fd93679a40b954e52e005d513f5c8964373f7d2b6dcbbd30d917c146016e47

Download Submit