Malware Analysis Report

2025-08-10 23:58

Sample ID 240518-kadmtabf3s
Target 53d24598e0ff806d09301fc132464e4f_JaffaCakes118
SHA256 9cf7218fc92e4f01efb27444a28ba124efa6ad45891b8bcb46c2cddbb4b7eb41
Tags impact persistence discovery evasion
Score 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file 53d24598e0ff806d09301fc132464e4f_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

impact persistence discovery evasion

Loads dropped Dex/Jar

Registers a broadcast receiver at runtime (usually for listening for system events)

Queries the unique device ID (IMEI, MEID, IMSI)

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-18 08:23

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:24

Platform

android-x64-arm64-20240514-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:27

Platform

android-x86-arm-20240514-en

Max time kernel

3s

Max time network

131s

Command Line

com.qingshu520.chat

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.qingshu520.chat

Network

Country Destination Domain Proto
GB 172.217.169.42:443 tcp
N/A 224.0.0.251:5353 udp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.212.228:443 www.google.com tcp
US 1.1.1.1:53 oth.update.mdt.qq.com udp
CN 116.128.134.253:8080 oth.update.mdt.qq.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.179.238:443 android.apis.google.com tcp
GB 172.217.169.42:443 tcp

Files

/data/data/com.qingshu520.chat/files/beacon/comp/1.jar
/data/data/com.qingshu520.chat/files/beacon/comp/9.jar
/data/data/com.qingshu520.chat/files/beacon/comp/21.jar
/storage/emulated/0/Android/data/com.qingshu520.chat/cache/uil-images/journal.tmp
/data/data/com.qingshu520.chat/lib-main/dso_state
/data/data/com.qingshu520.chat/lib-main/libBugly.so
/data/data/com.qingshu520.chat/lib-main/libQPlayer.so
/data/data/com.qingshu520.chat/lib-main/libavcodec.so
/data/data/com.qingshu520.chat/lib-main/libavformat.so
/data/data/com.qingshu520.chat/lib-main/libavutil.so
/data/data/com.qingshu520.chat/lib-main/libffmpeg_mediametadataretriever_jni.so
/data/data/com.qingshu520.chat/lib-main/liblocSDK7a.so
/data/data/com.qingshu520.chat/lib-main/libonlywechat_plugin.so
/data/data/com.qingshu520.chat/lib-main/libqcCodec.so
/data/data/com.qingshu520.chat/lib-main/libqcOpenSSL.so
/data/data/com.qingshu520.chat/lib-main/libswscale.so
/data/data/com.qingshu520.chat/lib-main/libzegoliveroom.so
/data/data/com.qingshu520.chat/lib-main/dso_deps
/data/data/com.qingshu520.chat/lib-main/dso_manifest
/data/data/com.qingshu520.chat/lib-main/dso_state

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:27

Platform

android-x64-20240514-en

Max time kernel

3s

Max time network

151s

Command Line

com.qingshu520.chat

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar N/A N/A
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar N/A N/A
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar N/A N/A
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar N/A N/A
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar N/A N/A
N/A /data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Queries the unique device ID (IMEI, MEID, IMSI)

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.qingshu520.chat

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.178.10:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.213.14:443 android.apis.google.com tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 oth.update.mdt.qq.com udp
GB 172.217.16.228:443 tcp
GB 172.217.16.228:443 tcp
GB 142.250.200.46:443 tcp
GB 142.250.187.194:443 tcp

Files

/data/data/com.qingshu520.chat/files/beacon/comp/1.jar
/storage/emulated/0/Android/data/com.qingshu520.chat/cache/uil-images/journal.tmp
/data/data/com.qingshu520.chat/files/beacon/comp/9.jar
/data/data/com.qingshu520.chat/files/beacon/comp/21.jar
/data/data/com.qingshu520.chat/lib-main/dso_state
/data/data/com.qingshu520.chat/lib-main/dso_deps
/data/data/com.qingshu520.chat/lib-main/dso_manifest
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar
/data/data/com.qingshu520.chat/lib-main/dso_state
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x86-arm-20240514-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.200.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x64-arm64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x86-arm-20240514-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.213.3:443 tcp
GB 142.250.200.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x64-20240514-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x64-20240514-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:24

Platform

android-x64-20240514-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x64-arm64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-05-18 08:23

Reported

2024-05-18 08:23

Platform

android-x86-arm-20240514-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A