Analysis
-
max time kernel
1807541s
-
max time network
165s
-
platform
android_x64
-
resource
android-x64-arm64-20230621-en
-
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20230621-en, locale:en-us, os:android-11-x64, system
-
submitted
19/07/2023, 01:21 UTC
Behavioral task
behavioral1
Sample
53762a15403a02f3197196f879e99a2a.apk
Resource
android-x86-arm-20230621-en
Behavioral task
behavioral2
Sample
53762a15403a02f3197196f879e99a2a.apk
Resource
android-x64-20230621-en
Behavioral task
behavioral3
Sample
53762a15403a02f3197196f879e99a2a.apk
Resource
android-x64-arm64-20230621-en
General
-
Target
53762a15403a02f3197196f879e99a2a.apk
-
Size
263KB
-
MD5
53762a15403a02f3197196f879e99a2a
-
SHA1
9c9ea161dcbe04b733cea8d569d1a2465d043108
-
SHA256
47e3d1992aa9f0c69d4d97040021430deb4afea04af702e966142ef3c267a75a
-
SHA512
90e4e6ffc6465d8ffa1b776eccae37a95ac09cc8536057f253762afd7a3f314bef3044e28253970475a0e0f63c0c379b9b59c28608dfaa9ab7064a40ae882dc4
-
SSDEEP
6144:Z2freVcdX7IdxUdk1zPw3eIcKCLp8clz9LO/ufNINx90gE:sreVKX7pdoPw3fcHLCclJLeufc9w
Malware Config
(empty in this report)
-
Signatures
(empty in this report)
-
Network
-
Remote address: 1.1.1.1:53  Request: infinitedata-pa.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: infinitedata-pa.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: ssl.google-analytics.com IN A  Response: ssl.google-analytics.com IN A 216.58.208.104
-
Remote address: 1.1.1.1:53  Request: infinitedata-pa.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: infinitedata-pa.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: infinitedata-pa.googleapis.com IN A  Response: infinitedata-pa.googleapis.com IN A 142.250.179.138, 142.251.39.106, 142.250.179.202, 216.58.214.10, 142.251.36.42, 142.251.36.10, 216.58.208.106, 172.217.168.202, 142.250.179.170, 172.217.23.202, 172.217.168.234
-
Remote address: 1.1.1.1:53  Request: accounts.google.com IN A
-
Remote address: 1.1.1.1:53  Request: accounts.google.com IN A
-
Remote address: 1.1.1.1:53  Request: accounts.google.com IN A  Response: accounts.google.com IN A 142.251.39.109
-
Remote address: 1.1.1.1:53  Request: owthklaoig IN A
-
Remote address: 1.1.1.1:53  Request: owthklaoig IN A
-
Remote address: 1.1.1.1:53  Request: pyenpwirbfcnh IN A
-
Remote address: 1.1.1.1:53  Request: pyenpwirbfcnh IN A
-
Remote address: 1.1.1.1:53  Request: cptxgwpttrqzqx IN A  Response: (no A records)
-
Remote address: 1.1.1.1:53  Request: pyenpwirbfcnh IN A
-
Remote address: 1.1.1.1:53  Request: pyenpwirbfcnh IN A
-
Remote address: 1.1.1.1:53  Request: owthklaoig IN A  Response: (no A records)
-
Note: the three single-label names above (owthklaoig, pyenpwirbfcnh, cptxgwpttrqzqx) are random lowercase labels that resolve to nothing. That is the shape of the random hostnames Chrome queries at startup to detect DNS hijacking (its intranet-redirect detector), and the emulator image runs Chrome 83 (see the HTTP requests below), so treat them as emulator noise rather than as a DGA unless the sample itself is observed resolving them.
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A  Response: update.googleapis.com IN A 142.251.36.35
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
Remote address: 1.1.1.1:53  Request: update.googleapis.com IN A
-
POST http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
Remote address: 142.251.36.35:80
Request
POST /service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5 HTTP/1.1
Host: update.googleapis.com
Connection: keep-alive
Content-Length: 1314
X-Goog-Update-AppId: gcmjkmgdlgnkkcocmoeiminaijmmjnii,hfnkpimlhhgieaddgfemjhofmfblmnib,llkgjffcdpffmhiakmfcdcblohccpfmo,khaoiebndkojlmppeemjhbpbandiljpe,giekcmmlnklenlaomppkphknjmnnpneh,jflookgnkcckhobaglndicnbbgbonegd,ggkkehgbnfjpeggfpleeakpidbkibbmn,bklopemakmnopmghhmccadeonafabnal
X-Goog-Update-Interactivity: bg
X-Goog-Update-Updater: chrome-83.0.4103.106
Content-Type: application/json
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 19 Jul 2023 01:24:00 GMT
X-Cup-Server-Proof: 304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
ETag: W/"304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5"
Content-Type: application/json; charset=utf-8
X-Daynum: 6042
X-Daystart: 66240
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1932
Server: GSE
Note: this is the Chrome component updater of the emulator image (X-Goog-Update-Updater: chrome-83.0.4103.106, matching the User-Agent), not the sample. It runs over plain HTTP on port 80; cup2key, cup2hreq and X-Cup-Server-Proof are fields of Chrome's Client Update Protocol (CUP), which authenticates the response with a server signature instead of TLS. The second field of X-Cup-Server-Proof echoes the cup2hreq request hash, as a CUP server proof does.
-
Remote address:1.1.1.1:53Requestedgedl.me.gvt1.comIN A
-
Remote address:1.1.1.1:53Requestedgedl.me.gvt1.comIN AResponseedgedl.me.gvt1.comIN A34.104.35.123
-
GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3
Remote address: 34.104.35.123:80
Request
GET /edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3 HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
content-length: 35135
x-request-id: 0d64b155-b7cb-4942-840a-7eae87be637a
date: Tue, 18 Jul 2023 06:27:22 GMT
age: 68199
last-modified: Mon, 10 Jul 2023 21:00:47 GMT
etag: "180aa2e"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
Note: this is the download of the component (app id gcmjkmgdlgnkkcocmoeiminaijmmjnii, the first id listed in X-Goog-Update-AppId above) that the updater check returned; the .crx3 is fetched over plain HTTP by the same Chrome 83 User-Agent. Neither HTTP request is attributable to the sample.
-
Traffic summary, one entry per flow (bytes sent, bytes received, packets sent / received). Flows that carry no destination in this report are marked as such; the DNS flows go to 1.1.1.1:53 as in the requests listed above.
-
destination: (not shown)
sent 695 B, received 40 B, packets 1 / 1
-
destination: (not shown)
sent 695 B, received 40 B, packets 1 / 1
-
destination: (not shown)
sent 5.3kB, received 8.7kB, packets 21 / 21
-
destination: (not shown)
sent 1.7kB, received 5.9kB, packets 9 / 8
-
destination: (not shown)
sent 1.2kB, received 5.6kB, packets 7 / 5
-
destination: (not shown)
sent 897 B, received 5.4kB, packets 10 / 7
-
destination: (not shown)
sent 2.0kB, received 7.2kB, packets 17 / 13
-
destination: 142.251.36.35:80 (http)
sent 2.4kB, received 3.3kB, packets 6 / 5
HTTP Request: POST http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
HTTP Response: 200
-
destination: 34.104.35.123:80 (http)
sent 869 B, received 36.1kB, packets 9 / 8
HTTP Request: GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3
HTTP Response: 200
-
destination: (not shown)
sent 4.1kB, packets 12 sent, no reply
-
destination: 1.1.1.1:53 (dns)
sent 152 B, packets 2 sent, no reply
DNS Request: infinitedata-pa.googleapis.com (x2)
-
destination: 1.1.1.1:53 (dns)
sent 70 B, received 86 B, packets 1 / 1
DNS Request: ssl.google-analytics.com
DNS Response: 216.58.208.104
-
destination: 1.1.1.1:53 (dns)
sent 152 B, packets 2 sent, no reply
DNS Request: infinitedata-pa.googleapis.com (x2)
-
destination: 1.1.1.1:53 (dns)
sent 76 B, received 252 B, packets 1 / 1
DNS Request: infinitedata-pa.googleapis.com
DNS Response: 142.250.179.138, 142.251.39.106, 142.250.179.202, 216.58.214.10, 142.251.36.42, 142.251.36.10, 216.58.208.106, 172.217.168.202, 142.250.179.170, 172.217.23.202, 172.217.168.234
-
destination: 1.1.1.1:53 (dns)
sent 65 B, packets 1 sent, no reply
DNS Request: accounts.google.com
-
destination: 1.1.1.1:53 (dns)
sent 65 B, packets 1 sent, no reply
DNS Request: accounts.google.com
-
destination: 1.1.1.1:53 (dns)
sent 65 B, received 81 B, packets 1 / 1
DNS Request: accounts.google.com
DNS Response: 142.251.39.109
-
destination: 1.1.1.1:53 (dns)
sent 112 B, packets 2 sent, no reply
DNS Request: owthklaoig (x2)
-
destination: 1.1.1.1:53 (dns)
sent 118 B, packets 2 sent, no reply
DNS Request: pyenpwirbfcnh (x2)
-
destination: 1.1.1.1:53 (dns)
sent 60 B, received 135 B, packets 1 / 1
DNS Request: cptxgwpttrqzqx
DNS Response: (no A records)
-
destination: 1.1.1.1:53 (dns)
sent 118 B, packets 2 sent, no reply
DNS Request: pyenpwirbfcnh (x2)
-
destination: 1.1.1.1:53 (dns)
sent 56 B, received 131 B, packets 1 / 1
DNS Request: owthklaoig
DNS Response: (no A records)
-
destination: 1.1.1.1:53 (dns)
sent 67 B, packets 1 sent, no reply
DNS Request: update.googleapis.com
-
destination: 1.1.1.1:53 (dns)
sent 67 B, packets 1 sent, no reply
DNS Request: update.googleapis.com
-
destination: 1.1.1.1:53 (dns)
sent 134 B, packets 2 sent, no reply
DNS Request: update.googleapis.com (x2)
-
destination: 1.1.1.1:53 (dns)
sent 67 B, received 83 B, packets 1 / 1
DNS Request: update.googleapis.com
DNS Response: 142.251.36.35
-
destination: 1.1.1.1:53 (dns)
sent 67 B, packets 1 sent, no reply
DNS Request: update.googleapis.com
-
destination: 1.1.1.1:53 (dns)
sent 67 B, packets 1 sent, no reply
DNS Request: update.googleapis.com
-
destination: 1.1.1.1:53 (dns)
sent 64 B, packets 1 sent, no reply
DNS Request: edgedl.me.gvt1.com
-
destination: 1.1.1.1:53 (dns)
sent 64 B, received 80 B, packets 1 / 1
DNS Request: edgedl.me.gvt1.com
DNS Response: 34.104.35.123
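Every name and request in the Network section above belongs to the emulator image (Google platform services, Chrome 83's component updater and its startup DNS probes), which is exactly the noise an analyst has to discount before reading anything into the sample's traffic. The script below is an added example for this page, not Triage's own code: it takes the observed DNS names and the two HTTP requests (copied from the report into constants) and sorts them into platform noise, Chrome startup probes, Chrome component-updater traffic, and whatever is left unattributed. The allowlist of Google-owned suffixes and the "single label of 7-15 lowercase letters" rule for Chrome's intranet-redirect probes are the author's own heuristics, not something the report states.

```python
"""Separate sandbox background noise from sample-attributable traffic in a
Triage-style Android report.

Added example for this page; it is not Triage's own code. The two rules it
applies are heuristics assumed here: names under Google-owned suffixes are
emulator/platform noise, and single-label names of 7-15 lowercase letters
match the random hostnames Chrome's intranet-redirect detector queries at
startup. Anything else is left for the analyst.
"""
import re
from collections import Counter
from urllib.parse import urlsplit

# Google-owned suffixes an Android 11 emulator image with bundled Chrome
# talks to on its own (assumed allowlist; extend it for your own image).
PLATFORM_SUFFIXES = (
    "googleapis.com", "google.com", "google-analytics.com", "gvt1.com", "gstatic.com",
)

# Shape of Chrome's startup DNS-hijack probes: one label, 7-15 lowercase letters.
PROBE_RE = re.compile(r"[a-z]{7,15}")

# DNS names queried in the report above, de-duplicated (constructed from the page).
DNS_QUERIES = [
    "infinitedata-pa.googleapis.com",
    "ssl.google-analytics.com",
    "accounts.google.com",
    "owthklaoig",
    "pyenpwirbfcnh",
    "cptxgwpttrqzqx",
    "update.googleapis.com",
    "edgedl.me.gvt1.com",
]

UA = ("Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 "
      "(KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36")

# The two HTTP requests in the report as (method, url, headers), constructed from the page.
HTTP_REQUESTS = [
    ("POST",
     "http://update.googleapis.com/service/update2/json?cup2key=10:4251839629"
     "&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5",
     {"X-Goog-Update-Updater": "chrome-83.0.4103.106", "User-Agent": UA}),
    ("GET",
     "http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/"
     "fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/"
     "gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3",
     {"User-Agent": UA}),
]


def is_platform(host: str) -> bool:
    """True if host is, or sits under, one of the assumed platform suffixes."""
    host = host.rstrip(".").lower()
    return any(host == s or host.endswith("." + s) for s in PLATFORM_SUFFIXES)


def classify_dns(name: str) -> str:
    """Return 'google-platform', 'chrome-startup-probe' or 'unattributed'."""
    host = name.rstrip(".").lower()
    if is_platform(host):
        return "google-platform"
    if "." not in host and PROBE_RE.fullmatch(host):
        return "chrome-startup-probe"
    return "unattributed"


def classify_http(method: str, url: str, headers: dict) -> str:
    """Attribute a request to Chrome's updater, a component download,
    Google infrastructure in general, or leave it unattributed."""
    h = {k.lower(): v for k, v in headers.items()}
    parts = urlsplit(url)
    host = parts.hostname or ""
    if h.get("x-goog-update-updater", "").startswith("chrome-"):
        return "chrome-component-updater"
    if host.endswith("gvt1.com") and parts.path.endswith(".crx3"):
        return "chrome-component-download"
    if is_platform(host):
        return "google-platform"
    return "unattributed"


def summarize(dns_names, http_requests):
    """Classify every observation and collect what still needs an analyst."""
    dns = {n: classify_dns(n) for n in dns_names}
    http = {f"{m} {u}": classify_http(m, u, hd) for m, u, hd in http_requests}
    counts = Counter(dns.values()) + Counter(http.values())
    unattributed = [k for k, v in list(dns.items()) + list(http.items()) if v == "unattributed"]
    # Plain-HTTP fetches are worth listing even when attributed: their
    # integrity rests on application-level signatures, not on TLS.
    plaintext = [u for _, u, _ in http_requests if urlsplit(u).scheme == "http"]
    return {"dns": dns, "http": http, "counts": counts,
            "unattributed": unattributed, "plaintext_http": plaintext}


if __name__ == "__main__":
    result = summarize(DNS_QUERIES, HTTP_REQUESTS)
    for cat, n in sorted(result["counts"].items()):
        print(f"{cat:26s} {n}")
    print("unattributed:", result["unattributed"] or "none")
    print("plaintext http:", len(result["plaintext_http"]))
```

Run against this report it leaves the unattributed list empty: five platform names, three startup probes, one updater check and one component download, both over plaintext HTTP. Point it at a report where the sample really does resolve its own infrastructure and the unattributed list is where that infrastructure will appear; keep the allowlist tight, since a sample can just as well hide behind Google-owned hosts.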