Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file http://roblox.com was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-09 07:36
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-09 07:36
Reported
2024-06-09 07:46
Platform
android-x64-20240603-en
Max time kernel
129s
Max time network
151s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | c7370ad7e81dbae8e622eadcac186ad7 |
| SHA1 | 84614ca614f626c93afbce5063ba0f8bbccece31 |
| SHA256 | a5682b306d943be0481656f128cafe52d98cd4ba122f69bc0a522f226954d2fb |
| SHA512 | a1361cabf6e758aee00dd9a771f695be6b0206f96e8077814955b6b20c9a604ae8a3c5cc13e0cc6440472ea029b5409083096ee8b0c6356394affb8bf3a4c05b |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-09 07:36
Reported
2024-06-09 07:46
Platform
android-x64-arm64-20240603-en
Max time kernel
131s
Max time network
150s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | 4875a5191b2a596a8fcca7c71da9f0a0 |
| SHA1 | fb15288d7239e4773e4d9176bc09b908c840a893 |
| SHA256 | a3b8e726a23ab281d5255a0c460ae989be2029f92f7c5782112909ad3c9b46b1 |
| SHA512 | 1daf81b5c1dcc2a954885035f6310b91a78d1de928cc0266e882cf54d07b5848612769d5fe1bb4f9e9539d9fd7252319b91f65e1f5b55d58b6cfb1cf40e0d839 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-09 07:36
Reported
2024-06-09 07:46
Platform
android-x86-arm-20240603-en
Max time kernel
128s
Max time network
137s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | 4cb2de80158ab21137700e7d76a0b3d2 |
| SHA1 | 371e9c83b85ec1b3b2543116200a05dac287b362 |
| SHA256 | 93ef328b1ea8c2d02fb2e3bc0e1a8603f647bdf852f2159cdc633cebc0dcddb4 |
| SHA512 | 6b99243b94b48f3f3d5acd1a09635efa6cfa91b441c2f773fa9e15ccb32ac05e5c2b0e95503f54ea3955c8b7dc68820d924fdadcd5f3d3a74bb6ea74de67a81b |