Analysis

  • max time kernel
    1807541s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-x64-arm64-20230621-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20230621-en, locale:en-us, os:android-11-x64, system
  • submitted
    19/07/2023, 01:21 UTC

General

  • Target

    53762a15403a02f3197196f879e99a2a.apk

  • Size

    263KB

  • MD5

    53762a15403a02f3197196f879e99a2a

  • SHA1

    9c9ea161dcbe04b733cea8d569d1a2465d043108

  • SHA256

    47e3d1992aa9f0c69d4d97040021430deb4afea04af702e966142ef3c267a75a

  • SHA512

    90e4e6ffc6465d8ffa1b776eccae37a95ac09cc8536057f253762afd7a3f314bef3044e28253970475a0e0f63c0c379b9b59c28608dfaa9ab7064a40ae882dc4

  • SSDEEP

    6144:Z2freVcdX7IdxUdk1zPw3eIcKCLp8clz9LO/ufNINx90gE:sreVKX7pdoPw3fcHLCclJLeufc9w

Score
1/10

Malware Config

Signatures

Processes

  • ahmyth.mine.king.ahmyth
    1⤵
      PID:4379

    Network

    • flag-us
      DNS
      infinitedata-pa.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      infinitedata-pa.googleapis.com
      IN A
    • flag-us
      DNS
      infinitedata-pa.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      infinitedata-pa.googleapis.com
      IN A
    • flag-us
      DNS
      ssl.google-analytics.com
      Remote address:
      1.1.1.1:53
      Request
      ssl.google-analytics.com
      IN A
      Response
      ssl.google-analytics.com
      IN A
      216.58.208.104
    • flag-us
      DNS
      infinitedata-pa.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      infinitedata-pa.googleapis.com
      IN A
    • flag-us
      DNS
      infinitedata-pa.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      infinitedata-pa.googleapis.com
      IN A
    • flag-us
      DNS
      infinitedata-pa.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      infinitedata-pa.googleapis.com
      IN A
      Response
      infinitedata-pa.googleapis.com
      IN A
      142.250.179.138
      infinitedata-pa.googleapis.com
      IN A
      142.251.39.106
      infinitedata-pa.googleapis.com
      IN A
      142.250.179.202
      infinitedata-pa.googleapis.com
      IN A
      216.58.214.10
      infinitedata-pa.googleapis.com
      IN A
      142.251.36.42
      infinitedata-pa.googleapis.com
      IN A
      142.251.36.10
      infinitedata-pa.googleapis.com
      IN A
      216.58.208.106
      infinitedata-pa.googleapis.com
      IN A
      172.217.168.202
      infinitedata-pa.googleapis.com
      IN A
      142.250.179.170
      infinitedata-pa.googleapis.com
      IN A
      172.217.23.202
      infinitedata-pa.googleapis.com
      IN A
      172.217.168.234
    • flag-us
      DNS
      accounts.google.com
      Remote address:
      1.1.1.1:53
      Request
      accounts.google.com
      IN A
    • flag-us
      DNS
      accounts.google.com
      Remote address:
      1.1.1.1:53
      Request
      accounts.google.com
      IN A
    • flag-us
      DNS
      accounts.google.com
      Remote address:
      1.1.1.1:53
      Request
      accounts.google.com
      IN A
      Response
      accounts.google.com
      IN A
      142.251.39.109
    • flag-us
      DNS
      owthklaoig
      Remote address:
      1.1.1.1:53
      Request
      owthklaoig
      IN A
    • flag-us
      DNS
      owthklaoig
      Remote address:
      1.1.1.1:53
      Request
      owthklaoig
      IN A
    • flag-us
      DNS
      pyenpwirbfcnh
      Remote address:
      1.1.1.1:53
      Request
      pyenpwirbfcnh
      IN A
    • flag-us
      DNS
      pyenpwirbfcnh
      Remote address:
      1.1.1.1:53
      Request
      pyenpwirbfcnh
      IN A
    • flag-us
      DNS
      cptxgwpttrqzqx
      Remote address:
      1.1.1.1:53
      Request
      cptxgwpttrqzqx
      IN A
      Response
    • flag-us
      DNS
      pyenpwirbfcnh
      Remote address:
      1.1.1.1:53
      Request
      pyenpwirbfcnh
      IN A
    • flag-us
      DNS
      pyenpwirbfcnh
      Remote address:
      1.1.1.1:53
      Request
      pyenpwirbfcnh
      IN A
    • flag-us
      DNS
      owthklaoig
      Remote address:
      1.1.1.1:53
      Request
      owthklaoig
      IN A
      Response
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
      Response
      update.googleapis.com
      IN A
      142.251.36.35
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-us
      DNS
      update.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      update.googleapis.com
      IN A
    • flag-nl
      POST
      http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
      Remote address:
      142.251.36.35:80
      Request
      POST /service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5 HTTP/1.1
      Host: update.googleapis.com
      Connection: keep-alive
      Content-Length: 1314
      X-Goog-Update-AppId: gcmjkmgdlgnkkcocmoeiminaijmmjnii,hfnkpimlhhgieaddgfemjhofmfblmnib,llkgjffcdpffmhiakmfcdcblohccpfmo,khaoiebndkojlmppeemjhbpbandiljpe,giekcmmlnklenlaomppkphknjmnnpneh,jflookgnkcckhobaglndicnbbgbonegd,ggkkehgbnfjpeggfpleeakpidbkibbmn,bklopemakmnopmghhmccadeonafabnal
      X-Goog-Update-Interactivity: bg
      X-Goog-Update-Updater: chrome-83.0.4103.106
      Content-Type: application/json
      User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
      Accept-Encoding: gzip, deflate
      Response
      HTTP/1.1 200 OK
      Content-Security-Policy: script-src 'report-sample' 'nonce-PGux-VjQPGl-_Xn6YOTgdg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
      Pragma: no-cache
      Expires: Mon, 01 Jan 1990 00:00:00 GMT
      Date: Wed, 19 Jul 2023 01:24:00 GMT
      X-Cup-Server-Proof: 304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
      ETag: W/"304502201ffd601e77c399029240ed84d497b6d45dc12091b34ce9e27a0dce1f87032a67022100cb774b00df3a63f0d937d705ab3003384acb6f9dbc59c721f2cb5d41cc160319:9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5"
      Content-Type: application/json; charset=utf-8
      X-Daynum: 6042
      X-Daystart: 66240
      Content-Encoding: gzip
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Length: 1932
      Server: GSE
    • flag-us
      DNS
      edgedl.me.gvt1.com
      Remote address:
      1.1.1.1:53
      Request
      edgedl.me.gvt1.com
      IN A
    • flag-us
      DNS
      edgedl.me.gvt1.com
      Remote address:
      1.1.1.1:53
      Request
      edgedl.me.gvt1.com
      IN A
      Response
      edgedl.me.gvt1.com
      IN A
      34.104.35.123
    • flag-us
      GET
      http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3
      Remote address:
      34.104.35.123:80
      Request
      GET /edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3 HTTP/1.1
      Host: edgedl.me.gvt1.com
      Connection: keep-alive
      User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
      Accept-Encoding: gzip, deflate
      Response
      HTTP/1.1 200 OK
      accept-ranges: bytes
      content-disposition: attachment
      content-security-policy: default-src 'none'
      server: Google-Edge-Cache
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-xss-protection: 0
      content-length: 35135
      x-request-id: 0d64b155-b7cb-4942-840a-7eae87be637a
      date: Tue, 18 Jul 2023 06:27:22 GMT
      age: 68199
      last-modified: Mon, 10 Jul 2023 21:00:47 GMT
      etag: "180aa2e"
      content-type: application/octet-stream
      alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
      cache-control: public,max-age=86400
      coprocessor-response: download-server
    • 172.217.23.206:443
      tls, https
      695 B
      40 B
      1
      1
    • 172.217.23.206:443
      tls, https
      695 B
      40 B
      1
      1
    • 172.217.23.206:443
      android.apis.google.com
      tls
      5.3kB
      8.7kB
      21
      21
    • 172.217.23.206:443
      android.apis.google.com
      tls
      1.7kB
      5.9kB
      9
      8
    • 216.58.208.104:443
      ssl.google-analytics.com
      tls
      1.2kB
      5.6kB
      7
      5
    • 142.250.179.138:443
      infinitedata-pa.googleapis.com
      tls
      897 B
      5.4kB
      10
      7
    • 142.251.39.109:443
      accounts.google.com
      tls
      2.0kB
      7.2kB
      17
      13
    • 142.251.36.35:80
      http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5
      http
      2.4kB
      3.3kB
      6
      5

      HTTP Request

      POST http://update.googleapis.com/service/update2/json?cup2key=10:4251839629&cup2hreq=9d22ccd22a3a4cd4385c014ac15a1ec002a874921a7b314fcda00893ae78b3a5

      HTTP Response

      200
    • 34.104.35.123:80
      http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3
      http
      869 B
      36.1kB
      9
      8

      HTTP Request

      GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/fessmlfzcgvxcvvlvzjb5y3pia_9.46.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.46.0_all_j3wc2ia5cvmxcar5vj37bzshkm.crx3

      HTTP Response

      200
    • 224.0.0.251:5353
      4.1kB
      12
    • 1.1.1.1:53
      infinitedata-pa.googleapis.com
      dns
      152 B
      2

      DNS Request

      infinitedata-pa.googleapis.com

      DNS Request

      infinitedata-pa.googleapis.com

    • 1.1.1.1:53
      ssl.google-analytics.com
      dns
      70 B
      86 B
      1
      1

      DNS Request

      ssl.google-analytics.com

      DNS Response

      216.58.208.104

    • 1.1.1.1:53
      infinitedata-pa.googleapis.com
      dns
      152 B
      2

      DNS Request

      infinitedata-pa.googleapis.com

      DNS Request

      infinitedata-pa.googleapis.com

    • 1.1.1.1:53
      infinitedata-pa.googleapis.com
      dns
      76 B
      252 B
      1
      1

      DNS Request

      infinitedata-pa.googleapis.com

      DNS Response

      142.250.179.138
      142.251.39.106
      142.250.179.202
      216.58.214.10
      142.251.36.42
      142.251.36.10
      216.58.208.106
      172.217.168.202
      142.250.179.170
      172.217.23.202
      172.217.168.234

    • 1.1.1.1:53
      accounts.google.com
      dns
      65 B
      1

      DNS Request

      accounts.google.com

    • 1.1.1.1:53
      accounts.google.com
      dns
      65 B
      1

      DNS Request

      accounts.google.com

    • 1.1.1.1:53
      accounts.google.com
      dns
      65 B
      81 B
      1
      1

      DNS Request

      accounts.google.com

      DNS Response

      142.251.39.109

    • 1.1.1.1:53
      owthklaoig
      dns
      112 B
      2

      DNS Request

      owthklaoig

      DNS Request

      owthklaoig

    • 1.1.1.1:53
      pyenpwirbfcnh
      dns
      118 B
      2

      DNS Request

      pyenpwirbfcnh

      DNS Request

      pyenpwirbfcnh

    • 1.1.1.1:53
      cptxgwpttrqzqx
      dns
      60 B
      135 B
      1
      1

      DNS Request

      cptxgwpttrqzqx

    • 1.1.1.1:53
      pyenpwirbfcnh
      dns
      118 B
      2

      DNS Request

      pyenpwirbfcnh

      DNS Request

      pyenpwirbfcnh

    • 1.1.1.1:53
      owthklaoig
      dns
      56 B
      131 B
      1
      1

      DNS Request

      owthklaoig

    • 1.1.1.1:53
      update.googleapis.com
      dns
      67 B
      1

      DNS Request

      update.googleapis.com

    • 1.1.1.1:53
      update.googleapis.com
      dns
      67 B
      1

      DNS Request

      update.googleapis.com

    • 1.1.1.1:53
      update.googleapis.com
      dns
      134 B
      2

      DNS Request

      update.googleapis.com

      DNS Request

      update.googleapis.com

    • 1.1.1.1:53
      update.googleapis.com
      dns
      67 B
      83 B
      1
      1

      DNS Request

      update.googleapis.com

      DNS Response

      142.251.36.35

    • 1.1.1.1:53
      update.googleapis.com
      dns
      67 B
      1

      DNS Request

      update.googleapis.com

    • 1.1.1.1:53
      update.googleapis.com
      dns
      67 B
      1

      DNS Request

      update.googleapis.com

    • 1.1.1.1:53
      edgedl.me.gvt1.com
      dns
      64 B
      1

      DNS Request

      edgedl.me.gvt1.com

    • 1.1.1.1:53
      edgedl.me.gvt1.com
      dns
      64 B
      80 B
      1
      1

      DNS Request

      edgedl.me.gvt1.com

      DNS Response

      34.104.35.123

    MITRE ATT&CK Matrix


    Downloads
