Analysis Overview
score
10/10
Threat Level: Known bad
The file https://acortarlink%2ecl/f0d4k was found to be: Known bad.
Malicious Activity Summary
Checks CPU information
Checks memory information
Reads the content of photos stored on the user's device.
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-29 23:10
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-29 23:10
Reported
2024-05-29 23:13
Platform
android-x64-20240514-en
Max time kernel
179s
Max time network
154s
Command Line
com.android.chrome
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Reads the content of photos stored on the user's device.
| Description | Indicator | Process | Target |
|---|---|---|---|
| URI accessed for read | content://media/external/images/media | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | acortarlink.cl | udp |
| US | 104.21.7.231:443 | acortarlink.cl | tcp |
| US | 104.21.7.231:443 | acortarlink.cl | tcp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| GB | 172.217.169.10:443 | safebrowsing.googleapis.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | affizer.g2afse.com | udp |
| NL | 34.91.226.152:443 | affizer.g2afse.com | tcp |
| US | 1.1.1.1:53 | jwqade.lmpresslvedate.com | udp |
| IE | 52.19.101.114:443 | jwqade.lmpresslvedate.com | tcp |
| US | 1.1.1.1:53 | cdn-dimi.akamaized.net | udp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| GB | 104.86.110.153:443 | cdn-dimi.akamaized.net | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| GB | 172.217.169.14:443 | | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | kldxhxjgh | udp |
| US | 1.1.1.1:53 | idxdrsjcxjmpwp | udp |
| US | 1.1.1.1:53 | bsyrqfmnxlzkxxu | udp |
| GB | 142.250.200.46:443 | | tcp |
| GB | 172.217.16.226:443 | | tcp |
| GB | 216.58.204.68:443 | | tcp |
| GB | 216.58.204.68:443 | | tcp |
Files
files/dom-0.html
| Algorithm | Digest |
|---|---|
| MD5 | d4c668c2038cfef029a7c2cad71052e7 |
| SHA1 | 76eaea27720929198c954beb4c2345b09f19c34a |
| SHA256 | b0bb9d1004f4b1f5fe7e0805a3fc38dcb48d4da356438c941737eb4979cfd25e |
| SHA512 | 1e17a4d1975816c071908f34540e29735da9b4cacfcea3689d233edc1f0abcc7a2f5780fe2173aea8600deb74587b4dec1232951617d6e912bd804548d516d6c |