Analysis Overview
Score
5/10
Threat Level: Likely benign
The URL https://chromewebstore.google.com/detail/robux-gratis-generador-ro/jbdlcghcledhmmgdjlnoeapmmpkdgdke was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand google.
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-02-05 01:58
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-05 01:58
Reported
2024-02-05 02:00
Platform
android-x64-arm64-20231215-en
Max time kernel
149s
Max time network
156s
Command Line
com.android.chrome
Signatures
Detected potential entity reuse from brand google.
Processes
com.android.chrome
Network
| Country | Destination (IP:port) | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.201.110:443 | | udp |
| GB | 172.217.16.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | chromewebstore.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.14:443 | chromewebstore.google.com | tcp |
| GB | 142.250.200.14:443 | chromewebstore.google.com | tcp |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | chromewebstore.google.com | udp |
| BE | 64.233.167.84:443 | accounts.google.com | tcp |
| GB | 216.58.204.78:443 | chromewebstore.google.com | tcp |
| US | 1.1.1.1:53 | chrome.google.com | udp |
| GB | 142.250.200.14:443 | chrome.google.com | tcp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| US | 1.1.1.1:53 | ssl.gstatic.com | udp |
| GB | 216.58.213.3:443 | ssl.gstatic.com | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 172.217.169.14:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| BE | 66.102.1.154:443 | stats.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | usigzdrwm | udp |
| US | 1.1.1.1:53 | yltdhofedhqm | udp |
| US | 1.1.1.1:53 | fcpwyqujfbc | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 1.1.1.1:53 | consent.google.com | udp |
| GB | 142.250.179.238:443 | consent.google.com | tcp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| US | 1.1.1.1:53 | consent.youtube.com | udp |
| GB | 216.58.201.110:443 | consent.youtube.com | tcp |
| GB | 142.250.200.4:443 | | tcp |
| GB | 142.250.200.4:443 | | tcp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.16.227:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 1.1.1.1:53 | id.google.com | udp |
| PH | 142.251.221.35:443 | id.google.com | tcp |
| PH | 142.251.221.35:443 | id.google.com | tcp |
| US | 1.1.1.1:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 1.1.1.1:53 | cdn.ampproject.org | udp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| US | 1.1.1.1:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.212.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.212.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | static.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.230:443 | static.doubleclick.net | tcp |
| US | 1.1.1.1:53 | jnn-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | lh5.googleusercontent.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 1.1.1.1:53 | deltaexploits.net | udp |
| US | 172.67.211.218:443 | deltaexploits.net | tcp |
| US | 172.67.211.218:443 | deltaexploits.net | tcp |
| US | 1.1.1.1:53 | du0pud0sdlmzf.cloudfront.net | udp |
| GB | 18.154.80.214:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| US | 1.1.1.1:53 | angelsaidthe.info | udp |
| GB | 18.165.227.43:443 | angelsaidthe.info | tcp |
| US | 1.1.1.1:53 | hoatebilaterdea.info | udp |
| US | 1.1.1.1:53 | ghabovethec.info | udp |
| US | 104.21.31.182:443 | hoatebilaterdea.info | tcp |
| GB | 18.244.140.100:443 | ghabovethec.info | tcp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| US | 1.1.1.1:53 | rkqwe.pohsoneche.info | udp |
| US | 34.195.224.242:443 | rkqwe.pohsoneche.info | tcp |
| US | 1.1.1.1:53 | ittontrinevengre.info | udp |
| GB | 216.137.44.100:443 | ittontrinevengre.info | tcp |
| US | 34.195.224.242:443 | rkqwe.pohsoneche.info | tcp |
| US | 1.1.1.1:53 | trk.building-youth-spread-loss.run | udp |
| US | 104.21.20.223:443 | trk.building-youth-spread-loss.run | tcp |
| US | 1.1.1.1:53 | www.luckyofficialonlinesuper.skin | udp |
| US | 172.67.175.78:443 | www.luckyofficialonlinesuper.skin | tcp |
| US | 172.67.175.78:443 | www.luckyofficialonlinesuper.skin | tcp |
| US | 1.1.1.1:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 1.1.1.1:53 | cdn.luckyofficialonlinesuper.skin | udp |
| US | 1.1.1.1:53 | redirector.gvt1.com | udp |
| GB | 142.250.180.14:443 | redirector.gvt1.com | tcp |
| US | 1.1.1.1:53 | r3---sn-1gi7znes.gvt1.com | udp |
| CH | 173.194.160.72:443 | r3---sn-1gi7znes.gvt1.com | tcp |
| US | 1.1.1.1:53 | r2---sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.199:443 | r2---sn-1gi7znek.gvt1.com | tcp |
| US | 1.1.1.1:53 | r3---sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.200:443 | r3---sn-1gi7znek.gvt1.com | tcp |
| US | 1.1.1.1:53 | r5---sn-1gi7znes.gvt1.com | udp |
| CH | 173.194.160.74:443 | r5---sn-1gi7znes.gvt1.com | tcp |
| US | 1.1.1.1:53 | r4---sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.201:443 | r4---sn-1gi7znek.gvt1.com | tcp |
| US | 1.1.1.1:53 | r1---sn-1gi7znes.gvt1.com | udp |
| CH | 173.194.160.70:443 | r1---sn-1gi7znes.gvt1.com | tcp |
| US | 1.1.1.1:53 | r5---sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.202:443 | r5---sn-1gi7znek.gvt1.com | tcp |
| CH | 74.125.108.199:443 | r2---sn-1gi7znek.gvt1.com | tcp |
| US | 1.1.1.1:53 | r1---sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.198:443 | r1---sn-1gi7znek.gvt1.com | tcp |
| CH | 173.194.160.72:443 | r3---sn-1gi7znes.gvt1.com | tcp |
| CH | 74.125.108.200:443 | r3---sn-1gi7znek.gvt1.com | tcp |
| CH | 173.194.160.74:443 | r5---sn-1gi7znes.gvt1.com | tcp |
| US | 34.195.224.242:443 | rkqwe.pohsoneche.info | tcp |
| US | 34.195.224.242:443 | rkqwe.pohsoneche.info | tcp |
| US | 1.1.1.1:53 | www.ensignmidshipmannavyfleet.skin | udp |
| US | 172.67.167.9:443 | www.ensignmidshipmannavyfleet.skin | tcp |
| US | 172.67.167.9:443 | www.ensignmidshipmannavyfleet.skin | tcp |
| US | 1.1.1.1:53 | cdn.ensignmidshipmannavyfleet.skin | udp |
| US | 1.1.1.1:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.21.20.223:80 | trk.building-youth-spread-loss.run | tcp |
| US | 104.21.20.223:80 | trk.building-youth-spread-loss.run | tcp |
| US | 1.1.1.1:53 | cp.effoulanponta.com | udp |
| US | 54.84.0.215:443 | cp.effoulanponta.com | tcp |
| US | 54.84.0.215:443 | cp.effoulanponta.com | tcp |
| US | 54.84.0.215:443 | cp.effoulanponta.com | tcp |
| US | 1.1.1.1:53 | app.appsflyer.com | udp |
| GB | 104.86.110.56:443 | app.appsflyer.com | tcp |
| US | 1.1.1.1:53 | angelsaidthe.info | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| US | 1.1.1.1:53 | beklefkiom.com | udp |
| NL | 139.45.197.237:443 | beklefkiom.com | tcp |
| US | 1.1.1.1:53 | the.gatekeeperconsent.com | udp |
| US | 1.1.1.1:53 | propeller-tracking.com | udp |
| US | 1.1.1.1:53 | my.rtmark.net | udp |
| US | 172.67.199.186:443 | the.gatekeeperconsent.com | tcp |
| NL | 139.45.197.240:443 | propeller-tracking.com | tcp |
| NL | 139.45.195.8:443 | my.rtmark.net | tcp |
| US | 1.1.1.1:53 | datatechone.com | udp |
| US | 1.1.1.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | www.ezojs.com | udp |
| US | 1.1.1.1:53 | privacy.gatekeeperconsent.com | udp |
| US | 1.1.1.1:53 | translate.google.com | udp |
| NL | 139.45.195.253:443 | datatechone.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 172.64.97.6:443 | www.ezojs.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| GB | 172.217.169.14:443 | translate.google.com | tcp |
| US | 1.1.1.1:53 | totalnicenewz.com | udp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 1.1.1.1:53 | cdn.amplitude.com | udp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| US | 104.21.83.214:443 | totalnicenewz.com | tcp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| GB | 18.172.155.200:443 | cdn.amplitude.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| IE | 52.211.212.103:443 | g.ezoic.net | tcp |
| US | 1.1.1.1:53 | static.mediafire.com | udp |
| US | 1.1.1.1:53 | api.amplitude.com | udp |
| US | 52.39.4.240:443 | api.amplitude.com | tcp |
| US | 1.1.1.1:53 | sr7pv7n5x.com | udp |
| NL | 212.117.190.201:443 | sr7pv7n5x.com | tcp |
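The network table above mixes the sandbox's own noise (mDNS, repeated TLS connections to one Google front end, Chrome's startup DNS probes) with the handful of non-Google hosts that actually merit a second look. The following triage helper is an added example by the editor, not code from the report or the sandbox vendor: it parses rows in the table's pipe-delimited layout, collapses duplicate connections, and splits contacted domains into Google first-party infrastructure, single-label probe names, and everything else. The Google suffix allowlist, the `SAMPLE_ROWS` subset (copied from the table above, with the two malformed rows normalised to four columns) and the classification rules are the editor's assumptions, not part of the original page.

```python
"""Triage helper for a sandbox network table (editor's added example, not
part of the original report).  Parses pipe-delimited rows, collapses repeated
connections and separates Google first-party hosts from third-party ones."""
import re
from collections import Counter
from dataclasses import dataclass

# Subset of rows from the report's Network table (assumption: the two rows
# with an empty Domain column are written here in the normalised 4-column form).
SAMPLE_ROWS = """\
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | chromewebstore.google.com | udp |
| GB | 142.250.200.14:443 | chromewebstore.google.com | tcp |
| GB | 142.250.200.14:443 | chromewebstore.google.com | tcp |
| US | 1.1.1.1:53 | usigzdrwm | udp |
| US | 1.1.1.1:53 | yltdhofedhqm | udp |
| US | 1.1.1.1:53 | fcpwyqujfbc | udp |
| US | 172.67.211.218:443 | deltaexploits.net | tcp |
| US | 172.67.211.218:443 | deltaexploits.net | tcp |
| US | 104.21.20.223:80 | trk.building-youth-spread-loss.run | tcp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| NL | 139.45.197.240:443 | propeller-tracking.com | tcp |
"""

# Suffixes treated as Google first-party infrastructure.  Assumption: good
# enough for this report; a production allowlist would be curated and versioned.
GOOGLE_SUFFIXES = ("google.com", "googleapis.com", "gstatic.com",
                   "googleusercontent.com", "gvt1.com", "youtube.com",
                   "ytimg.com", "doubleclick.net", "google-analytics.com",
                   "ampproject.org")


@dataclass(frozen=True)
class Conn:
    country: str
    ip: str
    port: int
    domain: str
    proto: str


def parse_rows(text):
    """Parse '| Country | ip:port | Domain | Proto |' rows into Conn objects."""
    conns = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4:
            raise ValueError(f"expected 4 columns: {line!r}")
        country, dest, domain, proto = cells
        ip, _, port = dest.rpartition(":")
        conns.append(Conn(country, ip, int(port), domain, proto))
    return conns


def is_google(domain):
    return any(domain == s or domain.endswith("." + s) for s in GOOGLE_SUFFIXES)


def is_dns_probe(domain):
    # Dotless, letters-only names of 7-15 characters are consistent with the
    # random hostnames Chrome resolves at startup to detect DNS hijacking;
    # they are browser behaviour, not something the page contacted.
    return re.fullmatch(r"[a-z]{7,15}", domain) is not None


def classify(conns):
    """Return (google_first_party, dns_probes, third_party) domain sets."""
    first_party, probes, third_party = set(), set(), set()
    for c in conns:
        if not c.domain:
            continue  # bare-IP rows (mDNS, QUIC) carry no hostname to classify
        if is_dns_probe(c.domain):
            probes.add(c.domain)
        elif is_google(c.domain):
            first_party.add(c.domain)
        else:
            third_party.add(c.domain)
    return first_party, probes, third_party


def dedupe(conns):
    """Count identical (ip, port, domain, proto) tuples so repeated TLS
    connections to one host show up once with a multiplicity."""
    return Counter((c.ip, c.port, c.domain, c.proto) for c in conns)


def cleartext_hosts(conns):
    """Hosts reached over port 80: the only traffic whose content a sandbox
    could have inspected without TLS interception."""
    return sorted({c.domain for c in conns if c.port == 80 and c.domain})


if __name__ == "__main__":
    conns = parse_rows(SAMPLE_ROWS)
    google, probes, other = classify(conns)
    print("third-party hosts to review:", sorted(other))
    print("cleartext hosts:", cleartext_hosts(conns))
    for key, n in dedupe(conns).items():
        if n > 1:
            print("repeated", n, "x", key)
```

Run over the full table, the third-party set is what a reviewer would pivot on (deltaexploits.net, the .info/.skin/.run hosts, the ad-tech trackers), while the first-party set and the three probe names can be discounted from the 5/10 score rather than inflating it.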
Files
files/dom-0.html
| MD5 | c73e018fa225a3b6d7a7e0934785801c |
| SHA1 | b409a69e49b9031801d2c3665d07d650e425271e |
| SHA256 | 36d240203f94efe1a0c24f988c8e25415266ad57667033a5327845b31fae0ee5 |
| SHA512 | 3c7ff0639fe40aa620c9773eccb14642ca4a1bec35cd73969875d769e4d2cdb4c15dbcb18ac61748147e3f4e8c8932c29c50041aa9c568cc3e3497862c13f0f9 |