Malware Analysis Report

2024-10-19 11:56

Sample ID 231009-2hkvjaah72
Target 43f7de64b8026fa16a4e0b74a9a3d1c879db3098c9780ac202fc2113a5577c48.bin
SHA256 43f7de64b8026fa16a4e0b74a9a3d1c879db3098c9780ac202fc2113a5577c48
Tags
alienbot banker evasion infostealer stealth trojan
score
10/10

Analysis Overview

score
10/10

SHA256

43f7de64b8026fa16a4e0b74a9a3d1c879db3098c9780ac202fc2113a5577c48

Threat Level: Known bad

The file 43f7de64b8026fa16a4e0b74a9a3d1c879db3098c9780ac202fc2113a5577c48.bin was found to be: Known bad.

Malicious Activity Summary

alienbot banker evasion infostealer stealth trojan

Alienbot

Makes use of the framework's Accessibility service.

Removes its main activity from the application launcher

Acquires the wake lock.

Loads dropped Dex/Jar

Requests dangerous framework permissions

Requests disabling of battery optimizations (often used to enable hiding in the background).

Removes a system notification.

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-10-09 22:34

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A
Allows read access to the device's phone number(s). | android.permission.READ_PHONE_NUMBERS | N/A | N/A

Analysis: behavioral28

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:42

Platform

android-x86-arm-20230831-en

Max time kernel

379241s

Max time network

306s

Command Line

fr.associated.string

Signatures

Alienbot

banker trojan infostealer alienbot

Makes use of the framework's Accessibility service.

Description | Indicator | Process | Target
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A

Removes its main activity from the application launcher

stealth trojan

Acquires the wake lock.

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Loads dropped Dex/Jar

Description | Indicator | Process | Target
N/A | /data/user/0/fr.associated.string/app_DynamicOptDex/aZiccBex.json | N/A | N/A
N/A | /data/user/0/fr.associated.string/app_DynamicOptDex/aZiccBex.json | N/A | N/A

Requests disabling of battery optimizations (often used to enable hiding in the background).

evasion
Description | Indicator | Process | Target
Intent action | android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | N/A | N/A

Removes a system notification.

evasion
Description | Indicator | Process | Target
Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A

Processes

fr.associated.string

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/fr.associated.string/app_DynamicOptDex/aZiccBex.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/fr.associated.string/app_DynamicOptDex/oat/x86/aZiccBex.odex --compiler-filter=quicken --class-loader-context=&

Network

Files

Analysis: behavioral7

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2023-10-09 22:34

Reported

2023-10-09 22:37

Platform

android-x86-arm-20230831-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A