47e3d1992aa9f0c69d4d97040021430deb4afea04af702e966142ef3c267a75a

Analysis

max time kernel
1807541s
max time network
165s
platform
android_x64
resource
android-x64-arm64-20230621-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20230621-enlocale:en-usos:android-11-x64system
submitted
19/07/2023, 01:21 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

53762a15403a02f3197196f879e99a2a.apk
Size

263KB
MD5

53762a15403a02f3197196f879e99a2a
SHA1

9c9ea161dcbe04b733cea8d569d1a2465d043108
SHA256

47e3d1992aa9f0c69d4d97040021430deb4afea04af702e966142ef3c267a75a
SHA512

90e4e6ffc6465d8ffa1b776eccae37a95ac09cc8536057f253762afd7a3f314bef3044e28253970475a0e0f63c0c379b9b59c28608dfaa9ab7064a40ae882dc4
SSDEEP

6144:Z2freVcdX7IdxUdk1zPw3eIcKCLp8clz9LO/ufNINx90gE:sreVKX7pdoPw3fcHLCclJLeufc9w

Score

1^/10

Malware Config

Signatures

ahmyth.mine.king.ahmyth
1⤵
PID:4379

Network

DNS

infinitedata-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

infinitedata-pa.googleapis.com

IN A
DNS

infinitedata-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

infinitedata-pa.googleapis.com

IN A
DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

216.58.208.104
DNS

infinitedata-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

infinitedata-pa.googleapis.com

IN A
DNS

infinitedata-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

infinitedata-pa.googleapis.com

IN A
DNS

infinitedata-pa.googleapis.com

Remote address:

1.1.1.1:53

Request

infinitedata-pa.googleapis.com

IN A

Response

infinitedata-pa.googleapis.com

IN A

142.250.179.138

infinitedata-pa.googleapis.com

IN A

142.251.39.106

infinitedata-pa.googleapis.com

IN A

142.250.179.202

infinitedata-pa.googleapis.com

IN A

216.58.214.10

infinitedata-pa.googleapis.com

IN A

142.251.36.42

infinitedata-pa.googleapis.com

IN A

142.251.36.10

infinitedata-pa.googleapis.com

IN A

216.58.208.106

infinitedata-pa.googleapis.com

IN A

172.217.168.202

infinitedata-pa.googleapis.com

IN A

142.250.179.170

infinitedata-pa.googleapis.com

IN A

172.217.23.202

infinitedata-pa.googleapis.com

IN A

172.217.168.234
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.251.39.109
DNS

owthklaoig

Remote address:

1.1.1.1:53

Request

owthklaoig

IN A
DNS

owthklaoig

Remote address:

1.1.1.1:53

Request

owthklaoig

IN A
DNS

pyenpwirbfcnh

Remote address:

1.1.1.1:53

Request

pyenpwirbfcnh

IN A
DNS

pyenpwirbfcnh

Remote address:

1.1.1.1:53

Request

pyenpwirbfcnh

IN A
DNS

cptxgwpttrqzqx

Remote address:

1.1.1.1:53

Request

cptxgwpttrqzqx

IN A

Response
DNS

pyenpwirbfcnh

Remote address:

1.1.1.1:53

Request

pyenpwirbfcnh

IN A
DNS

pyenpwirbfcnh

Remote address:

1.1.1.1:53

Request

pyenpwirbfcnh

IN A
DNS

owthklaoig

Remote address:

1.1.1.1:53

Request

owthklaoig

IN A

Response
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

142.251.36.35
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A
POST

http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5

Remote address:

142.251.36.35:80

Request

POST /service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5 HTTP/1.1
Host: update.googleapis.com
Connection: keep-alive
Content-Length: 1314
X-Goog-Update-AppId: gcmjkmgdlgnkkcocmoeiminaijmmjnii,hfnkpimlhhgieaddgfemjhofmfblmnib,llkgjffcdpffmhiakmfcdcblohccpfmo,khaoiebndkojlmppeemjhbpbandiljpe,giekcmmlnklenlaomppkphknjmnnpneh,jflookgnkcckhobaglndicnbbgbonegd,ggkkehgbnfjpeggfpleeakpidbkibbmn,bklopemakmnopmghhmccadeonafabnal
X-Goog-Update-Interactivity: bg
X-Goog-Update-Updater: chrome-83.0.4103.106
Content-Type: application/json
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK

Content-Security-Policy: script-src 'report-sample' 'nonce-PGux-VjQPGl-_Xn6YOTgdg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 19 Jul 2023 01:24:00 GMT
X-Cup-Server-Proof: 304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
ETag: W/"304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5"
Content-Type: application/json; charset=utf-8
X-Daynum: 6042
X-Daystart: 66240
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1932
Server: GSE
DNS

edgedl.me.gvt1.com

Remote address:

1.1.1.1:53

Request

edgedl.me.gvt1.com

IN A
DNS

edgedl.me.gvt1.com

Remote address:

1.1.1.1:53

Request

edgedl.me.gvt1.com

IN A

Response

edgedl.me.gvt1.com

IN A

34.104.35.123
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3 HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
content-length: 35135
x-request-id: 0d64b155-b7cb-4942-840a-7eae87be637a
date: Tue, 18 Jul 2023 06:27:22 GMT
age: 68199
last-modified: Mon, 10 Jul 2023 21:00:47 GMT
etag: "180aa2e"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server

172.217.23.206:443

tls, https

695 B
40 B
1
1
172.217.23.206:443

tls, https

695 B
40 B
1
1
172.217.23.206:443

android.apis.google.com

tls

5.3kB
8.7kB
21
21
172.217.23.206:443

android.apis.google.com

tls

1.7kB
5.9kB
9
8
216.58.208.104:443

ssl.google-analytics.com

tls

1.2kB
5.6kB
7
5
142.250.179.138:443

infinitedata-pa.googleapis.com

tls

897 B
5.4kB
10
7
142.251.39.109:443

accounts.google.com

tls

2.0kB
7.2kB
17
13
142.251.36.35:80

http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5

http

2.4kB
3.3kB
6
5

HTTP Request

POST http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5

HTTP Response

200
34.104.35.123:80

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3

http

869 B
36.1kB
9
8

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3

HTTP Response

200

224.0.0.251:5353

4.1kB
12
1.1.1.1:53

infinitedata-pa.googleapis.com

dns

152 B
2

DNS Request

infinitedata-pa.googleapis.com

DNS Request

infinitedata-pa.googleapis.com
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

216.58.208.104
1.1.1.1:53

infinitedata-pa.googleapis.com

dns

152 B
2

DNS Request

infinitedata-pa.googleapis.com

DNS Request

infinitedata-pa.googleapis.com
1.1.1.1:53

infinitedata-pa.googleapis.com

dns

76 B
252 B
1
1

DNS Request

infinitedata-pa.googleapis.com

DNS Response

142.250.179.138

142.251.39.106

142.250.179.202

216.58.214.10

142.251.36.42

142.251.36.10

216.58.208.106

172.217.168.202

142.250.179.170

172.217.23.202

172.217.168.234
1.1.1.1:53

accounts.google.com

dns

65 B
1

DNS Request

accounts.google.com
1.1.1.1:53

accounts.google.com

dns

65 B
1

DNS Request

accounts.google.com
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.251.39.109
1.1.1.1:53

owthklaoig

dns

112 B
2

DNS Request

owthklaoig

DNS Request

owthklaoig
1.1.1.1:53

pyenpwirbfcnh

dns

118 B
2

DNS Request

pyenpwirbfcnh

DNS Request

pyenpwirbfcnh
1.1.1.1:53

cptxgwpttrqzqx

dns

60 B
135 B
1
1

DNS Request

cptxgwpttrqzqx
1.1.1.1:53

pyenpwirbfcnh

dns

118 B
2

DNS Request

pyenpwirbfcnh

DNS Request

pyenpwirbfcnh
1.1.1.1:53

owthklaoig

dns

56 B
131 B
1
1

DNS Request

owthklaoig
1.1.1.1:53

update.googleapis.com

dns

67 B
1

DNS Request

update.googleapis.com
1.1.1.1:53

update.googleapis.com

dns

67 B
1

DNS Request

update.googleapis.com
1.1.1.1:53

update.googleapis.com

dns

134 B
2

DNS Request

update.googleapis.com

DNS Request

update.googleapis.com
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

142.251.36.35
1.1.1.1:53

update.googleapis.com

dns

67 B
1

DNS Request

update.googleapis.com
1.1.1.1:53

update.googleapis.com

dns

67 B
1

DNS Request

update.googleapis.com
1.1.1.1:53

edgedl.me.gvt1.com

dns

64 B
1

DNS Request

edgedl.me.gvt1.com
1.1.1.1:53

edgedl.me.gvt1.com

dns

64 B
80 B
1
1

DNS Request

edgedl.me.gvt1.com

DNS Response

34.104.35.123

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.