Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file https://nodejs.org/en/blog/release/v17.1.0.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-09 14:15
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-09 14:15
Reported
2024-06-09 14:18
Platform
android-x64-arm64-20240603-en
Max time kernel
173s
Max time network
185s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | 48494c6a22e9b2b60418ec7062d823d0 |
| SHA1 | 021211644d04b327804a34bd191a11855bf6acb6 |
| SHA256 | 68395f472d13925f06771d17b2cd3c8feb9db348212a6ec3e5f2c237281e3648 |
| SHA512 | 922cb1ef3650723ba90b917d55e6c96fbcf5b70c3bf4621ac7fe32dec7f63b97383f1f96b3cba5e43094f1d7e9732cd454fa72cace22e42357576f652c1629e5 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-09 14:15
Reported
2024-06-09 14:18
Platform
android-x86-arm-20240603-en
Max time kernel
117s
Max time network
184s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | e193e8d0c50ae594b350d1896920a967 |
| SHA1 | efd97446bb40561951e6b2d22c851dac5d3f0707 |
| SHA256 | ef2ed4201c80d861706e29062742f2fa000643322f1470c3d8fd66608a3fa694 |
| SHA512 | b53aa1d89d681aecf9e3b02ef88bb42bbe51ca46f92591941bdcfe115991d6829d80c9c38a2a239980b760789117d2839ca2b7e0f2f565bf5ebe53705e1160c3 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-09 14:15
Reported
2024-06-09 14:15
Platform
debian9-mipsbe-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-09 14:15
Reported
2024-06-09 14:19
Platform
android-x64-20240603-en
Max time kernel
143s
Max time network
243s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network