Analysis Overview
score
7/10
Threat Level: Shows suspicious behavior
The file http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-18 03:19
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-18 03:19
Reported
2024-04-18 03:21
Platform
android-x86-arm-20240221-en
Max time kernel
64s
Max time network
66s
Command Line
com.android.chrome
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| GB | 142.250.187.202:443 | safebrowsing.googleapis.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | llqzuvw | udp |
| US | 1.1.1.1:53 | dmpiclavujpah | udp |
| US | 1.1.1.1:53 | qqhqtsqckae | udp |
| GB | 172.217.169.10:443 | | tcp |
| GB | 172.217.16.238:443 | | tcp |
Files
/storage/emulated/0/Download/.com.google.Chrome.O0vpfN
| Hash | Value |
| --- | --- |
| MD5 | 7f2d8a3052844a682f8906428517d2ee |
| SHA1 | c28dc9610e4ec4cc5a4db57193f624c51f866dde |
| SHA256 | b3dc31310c3e2160244f57cf60c73569ea902ba0fe69ade89e087ca4c2bd9372 |
| SHA512 | 9d336095a34e2e521b0eb66e5257c54c3ecf5db35f18909ffd64a2ce9a35014dbe627d6531c83c7d53fbc1f4f2aa4cd7bc0e208ea68b642a9c03f922c52a47c8 |
/storage/emulated/0/Download/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip.crdownload
| Hash | Value |
| --- | --- |
| MD5 | aff35a4be47debbf829b12fee4ecafdb |
| SHA1 | 8521fe782423da691865f9c24d54c8d8e0d7c44c |
| SHA256 | 8afdefa7409b0aa7101eddc7d6380c66cfa4003ced8df778bda8d397a30de5b3 |
| SHA512 | 023d816db56dcffb18202aa1475bf903fe907f2cdaedc3f08543fa0a9ea75c8729a338294559aa72e53ab3745a3b75cfefe629b0fad96fe4b6fcc8d4b8010e01 |
files/dom-0.html
| Hash | Value |
| --- | --- |
| MD5 | cecb649cb1fb79c3736936fcbef3bbf2 |
| SHA1 | 2c95183d7d2b0cd68d15b3c4115189351fc08720 |
| SHA256 | 09bda72e7c32a69e3268e0ebd8caa33684cbc954dd00c7d93a38830e348ef324 |
| SHA512 | b8aca3cf0ea838093bd29b70ead608597260b0e35886d491d17c304878f99510fd885d96a191080acb5b706a642253bd9cbe5065ff234472b048fcce282061de |