Malware Analysis Report

2025-01-19 05:01

Sample ID 240606-bctx5sdc3x
Target 99abbda11ec5969113bbe95637096f8e_JaffaCakes118
SHA256 da685282a15b8481cc7a8e8924f350830f3f197d208acfeed67dc0c4c7c5f708
Tags
collection discovery evasion persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

da685282a15b8481cc7a8e8924f350830f3f197d208acfeed67dc0c4c7c5f708

Threat Level: Likely malicious

The file 99abbda11ec5969113bbe95637096f8e_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

collection discovery evasion persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about the current nearby Wi-Fi networks

Requests cell location

Queries information about running processes on the device

Requests dangerous framework permissions

Queries information about active data network

Queries information about the current Wi-Fi connection

Listens for changes in the sensor environment (might be used to detect emulation)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-06 01:00

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A
Allows an instant app to create foreground services. android.permission.INSTANT_APP_FOREGROUND_SERVICE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 01:00

Reported

2024-06-06 01:03

Platform

android-x86-arm-20240603-en

Max time kernel

11s

Max time network

168s

Command Line

com.lushi.zhuanbao

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /system/xbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.lushi.zhuanbao/.jiagu/classes.dex N/A N/A
N/A /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes2.dex N/A N/A
N/A /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes3.dex N/A N/A
N/A /data/data/com.lushi.zhuanbao/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.lushi.zhuanbao/.jiagu/tmp.dex N/A N/A
N/A Anonymous-DexFile@0xd576e000-0xd577a338 N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Requests cell location

collection discovery evasion
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Listens for changes in the sensor environment (might be used to detect emulation)

evasion
Description Indicator Process Target
Framework API call android.hardware.SensorManager.registerListener N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Processes

com.lushi.zhuanbao

getprop ro.build.version.emui

ls /sys/class/thermal

ls /

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 dig.bdurl.net udp
US 1.1.1.1:53 sf3-ttcdn-tos.pstatp.com udp
CN 139.224.56.191:443 dig.bdurl.net tcp
US 1.1.1.1:53 is.snssdk.com udp
US 163.181.154.235:443 sf3-ttcdn-tos.pstatp.com tcp
US 1.1.1.1:53 mhtj.baomihua.com udp
SG 103.136.221.67:443 is.snssdk.com tcp
US 1.1.1.1:53 mhtj.baomihua.com udp
US 1.1.1.1:53 mhtj.baomihua.com udp
US 1.1.1.1:53 game.lushihudong.com udp
US 1.1.1.1:53 a.tn990.com udp
US 1.1.1.1:53 mhtj.baomihua.com udp
US 1.1.1.1:53 sf3-fe-tos.pglstatp-toutiao.com udp
CN 139.196.208.61:443 dig.bdurl.net tcp
CN 119.23.61.87:80 game.lushihudong.com tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 163.181.154.237:443 sf3-fe-tos.pglstatp-toutiao.com tcp
CN 119.23.61.87:80 game.lushihudong.com tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
CN 119.23.61.87:80 game.lushihudong.com tcp
US 1.1.1.1:53 dm.toutiao.com udp
US 1.1.1.1:53 plbslog.umeng.com udp
GB 79.133.176.222:443 dm.toutiao.com tcp
CN 36.156.202.78:443 plbslog.umeng.com tcp
CN 101.132.170.46:443 dig.bdurl.net tcp
US 1.1.1.1:53 dm.bytedance.com udp
US 163.181.154.231:443 dm.bytedance.com tcp
US 1.1.1.1:53 dm.pstatp.com udp
US 163.181.154.237:443 dm.pstatp.com tcp
US 163.181.154.237:443 dm.pstatp.com tcp
US 163.181.154.237:443 dm.pstatp.com tcp
GB 172.217.169.74:443 semanticlocation-pa.googleapis.com tcp

Files

/data/data/com.lushi.zhuanbao/.jiagu/libjiagu.so

MD5 98736de515958ae37ae93a0a0e997098
SHA1 72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9
SHA256 335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421
SHA512 cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf

/data/data/com.lushi.zhuanbao/.jiagu/classes.dex

MD5 9c033bd10b44e5d5131977e80ecafc1b
SHA1 77a150c14bb65f172c5df57b4b303524a9d4ffe8
SHA256 b0d84fc74b15d0726030b79fe0b72c02515c3f4098d4947ef6aa86cbc4c324da
SHA512 e0dd9ea7c661f965e641085d90b88f0548e4751161740d60f212ac57745088eb09b19c45255b517a3436308632605ed5dcf9553f658189e304f88eb272404b49

/data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes2.dex

MD5 7a640e93fe289fda6a4b087a1924de12
SHA1 440183491f1f3f644c755cd38ca7f1e04e00462b
SHA256 1589c969ba5be207938c9483fcbccc27a660f29a56d904753a05f0a134158a4d
SHA512 315d58dc78ceee663f64ac7f312cf505d3b318c197aa190061d6b7cf067a39cd820ce921b91f257504f7407b649808e29106005cadfbe6a513a30ca4674bea4b

/data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes3.dex

MD5 e3cca5affb2b13e55b7bb73c397b11d3
SHA1 25110f9caf2ad6bc62bdafdb4e3b70cd93396d23
SHA256 10dc27451938c6a4ff8874099824dee1ed9dc23c74cae0924da7f39ccc8c554f
SHA512 917425ed6e8ac57037867b98f93d786b1162806ed18765b20673103471d6eae331840ff5e81f5d3ff166fd488b57947e345f5cafca16b4f63b5694d23e5efcfc

/data/data/com.lushi.zhuanbao/.jiagu/tmp.dex

MD5 f1771b68f5f9b168b79ff59ae2daabe4
SHA1 0df6a835559f5c99670214a12700e7d8c28e5a42
SHA256 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512 dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri

MD5 977618bbab25ba4d306e84ad7d27ff38
SHA1 7d829827b9bdc68bd397ae04d289af7c10d2a6ad
SHA256 7dfd35c2b1dca04d7df9b2a616b13f256b378e673998aaf4aa14208a7d0e7aed
SHA512 fc2d72eea5ab72a731ebca308f052ae3c4dfe66dd13241611af72a7632f4cf4283a96a755a945c1f9def64c5309609fbbfda2aaae3f8726705c22d0ba09a59a3

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri

MD5 82d871d7a78c67f431d78f17ea1bfc55
SHA1 d8879c4900b86ff9ec63d82925f625a7eb9dd266
SHA256 e8e4af5843005c876db22518d188220f67090c187d6b9ab5b0fc57317c654cb8
SHA512 e20f92d4724464582559f80bc8c9180d4371d3cce5764637d9991cfe97e882c12bae8296d5d6eb373e332f5551ef7759380b9781242e5a86477d7fbcd49f7b1a

/data/data/com.lushi.zhuanbao/files/.jiagu.lock

MD5 4580857b58fc139f1391f1009170133d
SHA1 bb8ad40af33b3151c6154cac2331ff11953ca441
SHA256 202016a119f12a7809be623c747a0063a1dcbfd8c06d695f9e3f6ba4e34683bd
SHA512 e4f47857cddcc6b0f4af228209c0381f19852e7b02531084e9082676e242217b6d49fd7e697dd3c920c7a8c76ba8745b98cbfb108c4be798de7e80ea8e3d2991

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.rd

MD5 1d2ea4b5d937561a94a9a3a39976081a
SHA1 6e745905dd297b4ac6b2d423777e84cba406bfa9
SHA256 472d7e167a6f26d7223a7ff84053df9b1d083484ba1299223551bccb31ad7537
SHA512 109deed33298ff01e28dc7d44c04eca3dfbc94c1a7ed034920c60be4ab543f501485f65e9a963857b3480cb85191ca6714a8c94c5f7a619733f9e1e1e99fb224

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.store.report_cf

MD5 5007307710aa02ef54e9c52620567eff
SHA1 e2c9146571581a3cd686689818e1b00a14d61c32
SHA256 8f7bb88998b3e94f74ee7e3b2fcb85b218fc76dae157dbdf351c0f6345a10c88
SHA512 6f456322312bf236786b003fba4c2580aaf93569f17d985b57a1486f90cff86ebba708f8c8edabaca82b48425ae07a5dc702d2859af7dcd6921fbe577c2f0d6e

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.store.report_pid

MD5 ef5deb235397f07548506e64c37f7677
SHA1 00b24a7cb177ba9db01d6636058c72477f0bd7b9
SHA256 af7b021d73886155de7f474f254874043c81cbe14983c6340dee71714ac23cba
SHA512 76ea307987f6e0c8c9a03bdea8a32c9b93f44f6a8de6891aa6ffb3e3a4590d6ded4ebffdc98c3fae2edca7e1ababd44d5dba5996a19d7e60125fd6c28f673be9

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri

MD5 2761c6bf49eac0c9c610b440b3536de6
SHA1 cf2b8f1b4cf4b18ff7d0893186315d030fa6af39
SHA256 ec600305deffe07d086eb66eb4984ae681f0b1e84366cbda3f3cd075c4008d32
SHA512 cfc63564b5f2f5708cad9472b0ee24d63a7a3f24b4a40385d9a4e74b9cfe5e074171c3d155ab8c36b433eee1c1705c61cc8ab67aadf4f5ec4796df5294cba0ca

/data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

MD5 75d46252620a12dd7343e91c8ba209bb
SHA1 6615b67e21963e5689685f8494f442dcd729d4d1
SHA256 c433c8e3f847da2b98ee8b704ea3b7d0f38d6249626dfe26a22bef0c08e5fa71
SHA512 9ae5f0ae0a77bc8c9a27a43252ba01d4bbb69a326eb028d2e887d701b202b66a7065765f2f0214d2b0701493634ff33c2104becdb80bf7e8c2657175857b7af8

/data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

MD5 4e93a7a07efedcc6e3c741526d2d89a7
SHA1 e25833d7a51783c17978a7c5e7953d7cf1df80f5
SHA256 26fd97dcb56a0ae4ffee7b9514cb697de101ad39e3b2af2933b1eadf409b740e
SHA512 94a5e0b50c0efc69b79fe9b46513537b798a45d00234a7fe1c529e7d5eb153704ec9966a0e0819983f726260579707d7b82e7b31f845fa7602e06c078b98319f

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.pk.h

MD5 678d244849ea46b0e5e7ad988a147ef6
SHA1 38f14e5f8f54898430708498a61f83d137626e75
SHA256 8384b8c5a2aa1a042b8bc6dc8fa6da78260ecefda622c520bdcfc765142e6314
SHA512 11f8772a9f83d34789dcc45b27f021b57be73ad58daa92257a131979d9df7cd95303aff24292b6b8a469a50483d0973691228271a57b6c1d31b03fda162f68b5

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.pk

MD5 7185cffb69741d6fc9101133221a287c
SHA1 c1f4fbde37dd4ae43c7f8b50c5cc079f4bc51f0f
SHA256 a7dda74b143acfce1a566911a709d137d0118dfca53b03375cad84ed90d3631a
SHA512 eea9e239065ae3965f8e4c531f189934563ee06692fd2ac8c82dc348069be784961b33bb7432c75715814ed92e04202cbd8b7194497b9f7ed6d2ef35ca0c9ae2

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ac

MD5 b9c64f04129ffc89111b5e5d879dc0d3
SHA1 7fd48d28f8720e82108283d95d14b277731825a1
SHA256 9261dcf52bcb9f2c8cbeebdb93f6f6d1ccecf1da6a5600d06afd3c78003ad89f
SHA512 1c3c28f3939fdfb3a06729c5d9d77f1c7a58b8850abbdbf89ac2eaedebcccbef5db1804ac07ad56224f9e060b2f2eb7e90bf7b450b89bd4bfa939646237ec9e4

/data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ic

MD5 c45c23630cfcf468ad03b4e9877aa5f2
SHA1 cf30d569f48cdca48b50e4081915ea9fb9afe1a5
SHA256 db2142b77a6511c1f110f2e65c5b13e8456309d106e33b99ad7a7e3eb2f9fdc6
SHA512 a17cb02f69eb27f0ff3215380b398f8f16c8f3ea9fb787a5004ab6fcd0263fcf819f8e8fb19e8d529fcadc57b190f0191ff1c3ae4da5ed03316c29a5bc63dee2

/storage/emulated/0/com.lushi.zhuanbao/config/5ac714da7be6d534dd74c84a097f98e0

MD5 a376113c0d0b9abff1dab8a18ffcc64f
SHA1 8d2ae39484ed87ab9bc1da73a0b301d4ccbb312f
SHA256 097d02f9eb6d41e9de17c5afd81b20cb6ce1308243bff6e99bd3668bbfe30e86
SHA512 7cad3278f53dc7dfe23408544f655c5ad59bf2c93c0b023ac4348818115b984ba26a8e975792d90ac64da9385fc5af31c8495be3c4738c9018e0766abeb14465

/data/data/com.lushi.zhuanbao/databases/npth_log.db-journal

MD5 cf4139bc4f17701ab1d6c65e8cd3d482
SHA1 2c0e9c210ff7bf587b2ecb3fbed32f079e59a633
SHA256 57e930bde1ee50df00f027a609c527411749548aa3bc71b25183eb65779cea76
SHA512 93aa11911fb57fbaaa0d135a88b58915f48c30bd954e56a51c1cb01acba6e27703cd2f197fff2611de2aac2b6b709977b4b293b576fb4fa21385b15af16f4f5b

/data/data/com.lushi.zhuanbao/databases/npth_log.db

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/com.lushi.zhuanbao/databases/npth_log.db-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/com.lushi.zhuanbao/databases/npth_log.db-wal

MD5 5d0c6f958673773cad3395ea2a4d996f
SHA1 fdb02c74808e295c5fec3cc6fd4ce02bf1e3c6f7
SHA256 94f16ac6f30c82a09824bdc7e7bd6b53dc10380519ba150cd0cfc8ea7754a232
SHA512 25840e587bf75bf0b08cb61c066932a88b50d44f5ed52159597775175dc3f8d6d69f930796e0944b9a184ff0382e961b207b347b2e942a3d59df8e9c8a8744c0

/storage/emulated/0/Android/data/com.snssdk.api/cache/clientudid.dat

MD5 6a4926be795877132ddda663525daec2
SHA1 021eadacda0f6fd359756b90339a95c49c1f1318
SHA256 63f81a29171c83ad99c2cccbc00b3910252b12ada8daa9f1da6854db2ba54611
SHA512 76e663d69b0b8d5f279c4082d3b5f5c4e7dcd2bce60c73f3e4e917e4e3caf184bfae36c88880df197d121f6c6442dcb22656a0021d534a902151bbae595440c7

/data/data/com.lushi.zhuanbao/databases/bytedance_downloader.db-journal

MD5 2e63f04c03c15efea28d88875f219e09
SHA1 543578e4928b3e7c9be3a93cce5b6afa1506f4e7
SHA256 fb23044592300dc63df84f4ba7fac4d4b99e03c5776f8805f8a6ede0019345c5
SHA512 fa97b8e9f24c462b1a270b8530c32187f540bbf53c99e62fca78dd75bd1b98c47674d3512596a5eef87356e4f3d229fe78bc71aecd5ccf0c2811ffdbdbe76767

/data/data/com.lushi.zhuanbao/databases/ttopensdk.db-journal

MD5 9e20ee865ab19730df372be7a8bb726c
SHA1 8cd15f0dc87ac539000baadb3bcf0041926a27c4
SHA256 7c0c860ffb31f2ed0d0af15c15bb3f1156afc87ecd6d5649b322687f86efd323
SHA512 00ad1570a3941472461222926cf4606de3614ed3be6ecb239532f9250c663439a195fb286c77b393104684f333c3e16ff0ec76497774d320dabbeabcb89ef708

/data/data/com.lushi.zhuanbao/databases/bytedance_downloader.db-wal

MD5 f04a96bc546901590168a2e36f52cd5f
SHA1 7a656c0fe074ef016118618bc97771ced9403b63
SHA256 9c8b67ae31c231846f97dffc79c40c3e75b7c236d40beec7a6caea32ad65508c
SHA512 d3a871c80982fd728d08bdd7868ca79193f261916978c684aea889e818714c7e7163ba48b38f1fac1f4daab4bd706b8fbfe3f2f22a46b0996c513db2ce815d3f

/data/data/com.lushi.zhuanbao/databases/ttopensdk.db-wal

MD5 b664a2e26b546a4efdf4fa3778f8eb3e
SHA1 f37c9ea1bd39bfabbaa8cfe4fc6c70f117307568
SHA256 894019b371b3a48a012e92ad73d90c0ed9613e7170f4eb568c7ffbb7dc3d4fff
SHA512 801e3e30c532f386319679ffb9ee12475f057f9103701a56f8df193ebf3bd56ad915d797df8cd2eebd8e889ba1e3f21daef003eae6dc98f08e89a9998a352147

/data/data/com.lushi.zhuanbao/app_crashrecord/1004

MD5 df010706abdbce9e452947d776d517ed
SHA1 1c0106bafddf5623ba7902e1de95ae1c6193eaf2
SHA256 f8b73716dd1650625df60df5126a1a837a9838f9e6337de8fbae0608bd79a09f
SHA512 389d54888418844784cb63ce3492c7244f804c60ef93c82d60d2728540c232df6ecd0ce616027ee21563e48587a087f6c4174994062ed907bdaa75d184a0d818

/data/data/com.lushi.zhuanbao/databases/bugly_db_-journal

MD5 cb57ed3c4e0b32bcd0310f8fbdcb3261
SHA1 de5d6cdb5f3c20de465f447acad64460706c0572
SHA256 e249f811f9b64df3ac8f96e2370dc86979f41b93e81d4569b3e9f8f630f96635
SHA512 a59c241fc3adf571cc98c173a01c7974b4c8727c3f368408bbec64278c06ed13b83813b086e696fcf5252d9cbf76703843754fb7936f3376ef6f70e5849733e5

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 01:00

Reported

2024-06-06 01:00

Platform

android-33-x64-arm64-20240603-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.228:443 udp
GB 142.250.187.228:443 udp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 01:00

Reported

2024-06-06 01:00

Platform

android-x86-arm-20240603-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A