Analysis Overview
score
5/10
Threat Level: Likely benign
The file https://ewasmash.com was found to be: Likely benign.
Malicious Activity Summary
Removes a system notification.
MITRE ATT&CK Matrix
N/A
Analysis: static1
Detonation Overview
Reported
2023-10-29 18:06
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2023-10-29 18:06
Reported
2023-10-29 18:07
Platform
android-x64-20231023.1-en
Max time kernel
2090764s
Max time network
71s
Command Line
com.android.chrome
Signatures
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| NL | 142.250.179.205:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | ewasmash.com | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | ewasmash.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | ewasmash.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | djkuroar | udp |
| US | 1.1.1.1:53 | oqhqonsxrvl | udp |
| US | 1.1.1.1:53 | ihfeymeomxy | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| NL | 172.217.168.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | ewasmash.com | udp |
| US | 216.239.32.21:443 | ewasmash.com | tcp |
| US | 216.239.32.21:443 | ewasmash.com | tcp |
| US | 1.1.1.1:53 | www.ewasmash.com | udp |
| NL | 142.250.179.147:443 | www.ewasmash.com | tcp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| US | 1.1.1.1:53 | lh5.googleusercontent.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| NL | 142.251.39.97:443 | lh5.googleusercontent.com | tcp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | ihfeymeomxy | udp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | apis.google.com | udp |
| NL | 142.251.36.14:443 | apis.google.com | tcp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | lh6.googleusercontent.com | udp |
| NL | 142.251.36.33:443 | lh6.googleusercontent.com | tcp |
| US | 1.1.1.1:53 | lh4.googleusercontent.com | udp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| DE | 172.217.23.206:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | play.google.com | udp |
| US | 1.1.1.1:53 | lh4.googleusercontent.com | udp |
| US | 1.1.1.1:53 | lh4.googleusercontent.com | udp |
| US | 1.1.1.1:53 | calendar.google.com | udp |
| NL | 142.251.36.46:443 | calendar.google.com | tcp |
| US | 1.1.1.1:53 | clients6.google.com | udp |
| NL | 142.251.36.14:443 | clients6.google.com | tcp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | ssl.gstatic.com | udp |
| US | 1.1.1.1:53 | lh4.googleusercontent.com | udp |
| US | 1.1.1.1:53 | docs.google.com | udp |
| DE | 172.217.23.206:443 | play.google.com | tcp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
Files
files/dom-0.html
files/dom-1.html