Malware Analysis Report

2025-01-19 05:01

Sample ID 240605-1b834sag66
Target 994da87c4a7b6e309da1cd7dbb23106d_JaffaCakes118
SHA256 084ae4bd9bb3f61ef085275751820553d0f3c56b3898bbdb9c30aac908657570
Tags
collection discovery evasion impact persistence trojan
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

084ae4bd9bb3f61ef085275751820553d0f3c56b3898bbdb9c30aac908657570

Threat Level: Shows suspicious behavior

The file 994da87c4a7b6e309da1cd7dbb23106d_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

collection discovery evasion impact persistence trojan

Reads the content of the SMS messages.

Loads dropped Dex/Jar

Queries information about running processes on the device

Reads the content of SMS inbox messages.

Queries information about active data network

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Queries information about the current Wi-Fi connection

Requests dangerous framework permissions

Aborts a broadcast (usually for hiding system events from other apps)

Uses Crypto APIs (Might try to encrypt user data)

Checks CPU information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-05 21:33

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-05 21:29

Reported

2024-06-05 21:36

Platform

android-x86-arm-20240603-en

Max time kernel

179s

Max time network

149s

Command Line

net.mobileprince.cc

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Reads the content of SMS inbox messages.

collection
Description Indicator Process Target
URI accessed for read content://sms/inbox N/A N/A

Reads the content of the SMS messages.

collection
Description Indicator Process Target
URI accessed for read content://sms/ N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Aborts a broadcast (usually for hiding system events from other apps)

trojan persistence
Description Indicator Process Target
Framework API call android.content.BroadcastReceiver.abortBroadcast N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

net.mobileprince.cc

net.mobileprince.cc:sms

net.mobileprince.cc:bdservice_v1

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 oc.umeng.com udp
US 1.1.1.1:53 adwin.sinaapp.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
SG 47.246.109.109:80 alog.umeng.com tcp
US 1.1.1.1:53 kakalicai.sinaapp.com udp
US 1.1.1.1:53 wap.boc.cn udp
CN 124.74.250.50:80 wap.boc.cn tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 oc.umeng.co udp
US 1.1.1.1:53 kakacpa.sinaapp.com udp
US 1.1.1.1:53 taotaotao.sinaapp.com udp
CN 124.74.250.50:80 wap.boc.cn tcp
US 1.1.1.1:53 feedback.umeng.com udp
SG 47.246.109.109:80 alog.umeng.com tcp
SG 47.246.109.109:80 alog.umeng.com tcp
GB 216.58.201.110:443 tcp
GB 142.250.187.194:443 tcp

Files

/data/data/net.mobileprince.cc/app_push_lib/plugin-deploy.jar

MD5 9f4bbcd28bcd69e8bc4ce666a14ab362
SHA1 0919eb3d9a4cc4dc494a9ba983120d50caee373a
SHA256 9936759227ab2008f8fc16cc08b04b3a8e394260dbb6f75f176457d2b0539c1c
SHA512 2c40138dc94f1b0483f0c7203c9e7c29118f21b475bfea875a1214feb2b9e79e75243a45dfcfe431065c9e9a9cfaaa43b152c68cd8e372b31e6a31eb3bc77487

/data/data/net.mobileprince.cc/app_push_lib/plugin-deploy.key

MD5 d3001a1b8da0dc42f94a45c39ae4f021
SHA1 0141d205796dabed7dcfe324bdfc6722d4e5f241
SHA256 619b965749636de45a445c92f7dfcf6f656dc9de5980e208a29eeef0ba5f2429
SHA512 70eb4c49b0518b09c7c10130c87cc8a14ff6674edca7d292d87158580d9cbd22afb7d8afc7d43217ab4c5e2e3c6a29fe6447d936f102192db726de0ea5e4247d

/data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar

MD5 0ac692d8374b33035bbe13c7836a9936
SHA1 2f584aaf1d5f9626c3da791df7f047ad4eb3fcda
SHA256 efdefd62731539b11dbdf7a091ef8fbc642a807a09845960b14796d5b083586a
SHA512 3cd99d42a6dcc0ae3ed47308f71801a8665a373adc1ff51ff67fe290ea2afdf78753476b4bd4679328ee4daebe2525fb1f43a5184b01f49ec90de81eb761c2b4

/data/data/net.mobileprince.cc/databases/CCM_test_db

MD5 102397da1dd2eb2d99ff596659193a69
SHA1 9dcc326d99554ad27de749a3b6d3f0e109e7e97f
SHA256 c4a704170ae9463e170c1745ecee91c16894103cf426d0e77755d1e20975e4cc
SHA512 12b4856bdc3a5d4cb8eff460c5cdf2b4d6b1d5e4b2048379906aa7b1412ad36ad20d6931be000f349673cde7b6faf11c55bf1d054b64c69e9723c801a712b5fd

/data/data/net.mobileprince.cc/databases/CCM_test_db-journal

MD5 ad7f1fc5f520b17a700da3dc79935331
SHA1 193c1b8bc8bec81fcd298368848aa5f807c1d312
SHA256 fd52f0435e1f3fc44d0d8f0fc100a3fc99037c56a896d53a15c4f9ccc5eb5ea5
SHA512 041229565bc988a02f350ee62e781dadcadcbe6be8a5edfb8f6c44c40eb4a168d203352620b4cb4ece84002b5e5376a0cfb07b21a8cc472b11f3dc3259fbc810

/data/data/net.mobileprince.cc/databases/CCM_test_db

MD5 5ff23d546b4eb1dc4fa254ef23e51949
SHA1 4e119018cb5b2025db905bda14503d1ccbb3e2fd
SHA256 143fbf701744d121adbc7e0d1a4ad79c674925a11aa002f0383dec222b3ada62
SHA512 f5423925e4907623436b2661b50237b13576ed2ace58ed1dab427e5fa5418259940f4e4d7988f1cd882a1157eb857695024aed84aaeeb4da0769508d18288efe

/data/data/net.mobileprince.cc/databases/CCM_test_db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/storage/emulated/0/baidu/.cuid

MD5 881afdeb18f7c99a648570c85be48d6b
SHA1 f74eeaed34e157d04c5ea3d69141d45b05e2be5c
SHA256 ed50cc61e65270b0eff53e22591ba984c023481dd12c8d4ae451b54e74204057
SHA512 84ae13dd49cd5015bfa61d2d245b412d087dc15b96e38749259c10d719e35faca077d423bb4b7ef860b1af1dda9f3faa232725307d13765715dc7ae16c51839a

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal

MD5 b6780883eb305bfb4e138ed417d6f18b
SHA1 dcda9b0459cb871069e15404a13f550a958e3efd
SHA256 d70c30586c7b744a7fb99fa39724abf5079b5448eb8a27b426c6ee9baca492e3
SHA512 725f2cdc7d02874cc309951116ae8a2755104a47b56edb8bd20811fe1f27c7d8beed0c9cccc754444714271ec5dda6a6c87add05800341ff089363e3cbbb92f0

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db

MD5 d823c6b85e8e56352e6422fea5b8dd6a
SHA1 ca54c48e496360ee30e059f55f5c4ad78a79c69e
SHA256 08e828545972832ec3a2ef8e7bee2cea1c93989073c366307e31a3f5b5258ef8
SHA512 3711df5d30f66f2faae3061c100318cdb28dfc7cfd8123690d33223f6534426f0f97e3aa10105128f9b1abfa15703660fb20a49e27962b79a61a64f688ee2b7d

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-wal

MD5 7c7779a3ad8a73d8cfee04a71cb76529
SHA1 8bafae1dfa4f7f75a92c3e45b1e89cb328b1b733
SHA256 7c7f5103421a19bef32820c40a3cac5e4b09556c645f1d23f63c34df53468617
SHA512 b9200b8a75301fadacb14aabf2808af467407087ffa71b206d09fb029a279f5b4e5ea0795332e48c7145347cb830aaa019a508ed865c4b9c1e84507421635f20

/data/data/net.mobileprince.cc/files/INSTALLATION

MD5 1a50bcad14eab8f38b3e6a4fa5c8f291
SHA1 c510a453c8196427353a2f778960617cbf29062b
SHA256 00634bcdd7c3ffd4efc52d6ab32f2703af7b76588a4c056517199efcb1ef0d7b
SHA512 f7aeb3b60e86c315f914c2afa1d3de2c8063ab7c8fc8bccd298f94eeae99d7e2248aa06609203e30927a5282d2aaf8b2ba06645714c35b5a40aa54c7a0317e52

/data/data/net.mobileprince.cc/databases/CCM_test_db-wal

MD5 b6a88a9f73720bce60e07f871bf9bd70
SHA1 4ec1c1e2d41c6ed80a4010fd3ac2e9f664f446d9
SHA256 096899270b522ca668a47db1ba0a9d36445c83b9abdb7f573d180dff48e2f589
SHA512 d0fb260753e850713457ccf52f87fc21458495a79201fd1946b7bcd3108e63747f9542f1fa1e99e0d6614fc3df7d426b722673e3bac9b0483fd9118b4e1a7725

/data/data/net.mobileprince.cc/app_push_lib/oat/plugin-deploy.jar.cur.prof

MD5 82b7619608c6a285cc943cad1a489bc3
SHA1 4d9a1767c3fe83a45a137c4ea076746f22f9b7f9
SHA256 7eeb95602dd6519b4a79d7a1e0411f1b95172f5e67dd4ba24d322756848191cf
SHA512 5e8296baa44f19894d39638d3efc368f7afe493df6559f67956424f6ce666406e4768a5bbca83a27053afe80e25e8cab43d49466933ed08938a1ead1958b3805

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-05 21:29

Reported

2024-06-05 21:36

Platform

android-x64-arm64-20240603-en

Max time kernel

179s

Max time network

187s

Command Line

net.mobileprince.cc

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A
N/A /data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Reads the content of SMS inbox messages.

collection
Description Indicator Process Target
URI accessed for read content://sms/inbox N/A N/A

Reads the content of the SMS messages.

collection
Description Indicator Process Target
URI accessed for read content://sms/ N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A alog.umeng.com N/A N/A
N/A alog.umeng.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Aborts a broadcast (usually for hiding system events from other apps)

trojan persistence
Description Indicator Process Target
Framework API call android.content.BroadcastReceiver.abortBroadcast N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

net.mobileprince.cc

net.mobileprince.cc:sms

net.mobileprince.cc:bdservice_v1

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
GB 142.250.200.10:443 tcp
GB 142.250.200.10:443 tcp
US 1.1.1.1:53 adwin.sinaapp.com udp
US 1.1.1.1:53 oc.umeng.com udp
CN 59.82.23.79:80 oc.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
US 1.1.1.1:53 kakalicai.sinaapp.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 wap.boc.cn udp
CN 124.74.250.50:80 wap.boc.cn tcp
US 1.1.1.1:53 oc.umeng.co udp
CN 223.109.148.130:80 alog.umeng.com tcp
US 1.1.1.1:53 kakacpa.sinaapp.com udp
US 1.1.1.1:53 taotaotao.sinaapp.com udp
CN 124.74.250.50:80 wap.boc.cn tcp
US 1.1.1.1:53 feedback.umeng.com udp
CN 223.109.148.178:80 alog.umeng.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umeng.co udp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp

Files

/data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar

MD5 234b115a65612023cc97a860df69f40f
SHA1 15114f01560976ff5aee4db7ac63f833671cba91
SHA256 6c692ead0ce36c10d644002d5120abe7267eb8ef4ec4f3cb43162d473515b3da
SHA512 18ffbe87987298cf8a9f3b063829daafeb3164ba3f707b32cc136ea0d0574a01366969ca8c25d98c3f33bf6567907357b2b0724b96f2f91dc8c8c94e741c9fad

/data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.key

MD5 414e131e976cba8481b4af76952d5903
SHA1 34d3d67193bf013e69e3d72df25a2fe9f214e55f
SHA256 cdc7dc7282f95ca4ea10838ba68088218c96bf61f4057cc121c9ff8bde5f0ff0
SHA512 163b88ebf21073ef8133959a8bb648eadf2fa688876bcebf7057d7cfd7b51ac7ffa9c2f053b37ec2a51e9894d26965c50f1f60f21a4e878855ccde6cc49a2c21

/data/user/0/net.mobileprince.cc/app_push_lib/plugin-deploy.jar

MD5 0ac692d8374b33035bbe13c7836a9936
SHA1 2f584aaf1d5f9626c3da791df7f047ad4eb3fcda
SHA256 efdefd62731539b11dbdf7a091ef8fbc642a807a09845960b14796d5b083586a
SHA512 3cd99d42a6dcc0ae3ed47308f71801a8665a373adc1ff51ff67fe290ea2afdf78753476b4bd4679328ee4daebe2525fb1f43a5184b01f49ec90de81eb761c2b4

/data/data/net.mobileprince.cc/databases/CCM_test_db

MD5 f8e08ff27d5b8d1797e06e8d29a6667c
SHA1 53ee3954b8707dafd9bdd2af5c4ceafa38687975
SHA256 1194df16477fdb2172934db6d7477476e16a1dbafdca4ac57d5c3e1dcd44b38e
SHA512 87367c8c8d4213ba6d773f780ee0d9d1d4a02dc2950ddb0ef806bd43247aa27b1ca6fe21ca35f3fbd49fe829bc29cad7685b8bfec45f5e86926b64b0271f377e

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal

MD5 3bb90d9c48bf1088332be25a45f65022
SHA1 89a56fe6f263be5cb578a0e4f45cfa97b760a754
SHA256 1dfd101612670db2b36c7388567eb1d17b1011572cd096ad9fc41c7c51b6b8c8
SHA512 28dd7e97a1f7d973fbea20549dfa1d53348916a7f2c5c9cafc6b753657d0ad49e1835386e4848730f5c5dc6cdbd464871d19d384641d88f1da27fe87dc22be8d

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal

MD5 93dff1d63644a8fa61d8c175f70e0c59
SHA1 6878dd63a26c1f99f3f127da054267d6f486ac9e
SHA256 3118db63e9b6cc1e2c28d980f9ee1c9b0a835ff7b0cbfac68b3d5b555748339b
SHA512 d1de5f24273adeaba3bcd19160295e80c2ec289842807589f1bdc3acb43270c78419252641e9e413613517a866fe059a88f11ddd91c7c05984ef22e59fef963e

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal

MD5 5eec703a1b880313da98acca918a8cae
SHA1 aa44dc16d330f5a01acce79af5b48e12bea3ede3
SHA256 63bd3edf4d129bd361407e00b0915ff85f2c061497e3750e3dce0c98de1b4b2a
SHA512 6fe125c60c8fe4c58f749f0035b4c430b3c10cfe20dc511f9a47a9b194410e052aaa01e052c4badd18f6df15562c570f41a6a76283aad4fbd6341266536c4336

/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal

MD5 d0dc00a903ae31973f28da699b8a9562
SHA1 65787b8b02ce6b75d6171457d7643f315d92bb2d
SHA256 15a069e1dc5a7a29184986693559ddc17d6fd4e22781584478c47eb4535070c3
SHA512 ac7a21316b6cb7326003ae1b382de7374f8ca7c42dbcc9c5b61fb60989b74686526287e5e1b29b9474ffdcba6d6879c8370f8e63d578578dd7131fe99eb151db

/data/user/0/net.mobileprince.cc/files/mobclick_agent_cached_net.mobileprince.cc

MD5 a5762d6e8cb01f610756c540140afba2
SHA1 f492d4d1d2cc93ec42702d076d13213616153f45
SHA256 c46dacc9a97e259793f84c1d3937db5ae29fa6f5c951ee3781c342af7efd7713
SHA512 cafd74f737e1cca239fa6336a22d3ae095a268df6259fda594f0b1abc7a21bb3f4be2d3b08b7ea78ecff986690e39dadb87a733b7b816fcad02057452f779bbd

/data/user/0/net.mobileprince.cc/files/mobclick_agent_cached_net.mobileprince.cc

MD5 127ead6ab1222f29e3d237c8e53fe9db
SHA1 518b7399220c89907516820b06dd82dc16f112e5
SHA256 92189192d120c653e86866eda684502b9763c54dc35ca05e0807be4f764aa3ff
SHA512 ee6e87cbc2a09eb11b4c6c70c8c2543fca83745c55cca5aace97adc088db4a4db1ef166d1b020b07de54472138464f34b85cf63adfc172fcf528422c60cada63

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-05 21:29

Reported

2024-06-05 21:33

Platform

android-x86-arm-20240603-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-05 21:29

Reported

2024-06-05 21:33

Platform

android-x64-20240603-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-05 21:29

Reported

2024-06-05 21:33

Platform

android-x64-arm64-20240603-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A