Malware Analysis Report

2025-01-19 07:50

Sample ID 240609-s2dqwsca4x
Target https://tria.ge/submit
Tags
Score 1/10

Table of Contents

Analysis Overview
MITRE ATT&CK: Mobile Matrix V15
Analysis: static1
    Detonation Overview, Signatures
Analysis: behavioral1
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral2
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral3
    Detonation Overview, Command Line, Signatures, Processes, Network, Files

Analysis Overview

Score 1/10

Threat Level: No (potentially) malicious behavior was detected

The submitted target https://tria.ge/submit was classified as: no (potentially) malicious behavior was detected.

Malicious Activity Summary

Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-09 15:36

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-09 15:36

Reported

2024-06-09 15:40

Platform

android-x86-arm-20240603-en

Max time kernel

118s

Max time network

163s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description           Indicator      Process  Target
File opened for read  /proc/cpuinfo  N/A      N/A

Checks memory information

Description           Indicator      Process  Target
File opened for read  /proc/meminfo  N/A      N/A

Processes

com.android.chrome

Network

Country  Destination           Domain                   Proto
N/A      224.0.0.251:5353                               udp
US       1.1.1.1:53            clients3.google.com      udp
GB       142.250.179.238:443   clients3.google.com      tcp
GB       142.250.179.238:443   clients3.google.com      tcp
GB       142.250.179.238:443   clients3.google.com      tcp
GB       142.250.179.238:443   clients3.google.com      tcp
GB       142.250.187.206:443                            tcp
US       1.1.1.1:53            android.apis.google.com  udp
GB       142.250.187.206:443   android.apis.google.com  tcp
NL       154.61.71.12:443                               tcp
GB       142.250.187.206:443   android.apis.google.com  tcp
US       1.1.1.1:53            update.googleapis.com    udp
GB       216.58.201.99:443     update.googleapis.com    tcp

Files

files/dom-0.html

MD5 16d974b5af63a652c6af88e806c5c1ba
SHA1 d4dab450fac504bea2aed6da30c4ea56c4c10406
SHA256 d3fc6d9dfa7d2086354f4b5e3dd27bddc73a43f8d378c76175ac6641e143927b
SHA512 d7e4ebf7b8dd6fb8eebb74ce52f304baf71f08bd4047094b346f107ada7362d05cdc3b0afabfd21679cc022065fd323aa5927fc60cd4ea2be80fffcf28d62e7b

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-09 15:36

Reported

2024-06-09 15:40

Platform

android-x64-20240603-en

Max time kernel

117s

Max time network

151s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description           Indicator      Process  Target
File opened for read  /proc/cpuinfo  N/A      N/A

Checks memory information

Description           Indicator      Process  Target
File opened for read  /proc/meminfo  N/A      N/A

Processes

com.android.chrome

Network

Country  Destination           Domain                    Proto
N/A      224.0.0.251:5353                                udp
US       1.1.1.1:53            accounts.google.com       udp
BE       74.125.71.84:443      accounts.google.com       tcp
US       1.1.1.1:53            tria.ge                   udp
NL       154.61.71.12:443      tria.ge                   tcp
NL       154.61.71.12:443      tria.ge                   tcp
US       1.1.1.1:53            ssl.google-analytics.com  udp
GB       142.250.187.200:443   ssl.google-analytics.com  tcp
GB       142.250.180.10:443                              tcp
US       1.1.1.1:53            clients1.google.com       udp
GB       216.58.204.78:443     clients1.google.com       tcp
US       1.1.1.1:53            android.apis.google.com   udp
GB       142.250.187.238:443   android.apis.google.com   tcp
GB       172.217.16.228:443                              tcp
GB       172.217.16.228:443                              tcp
GB       216.58.204.78:443     clients1.google.com       tcp
GB       142.250.200.2:443                               tcp
GB       172.217.169.78:443                              tcp

Files

files/dom-0.html

MD5 135d7281b96c5db2075461b78547e6ec
SHA1 27dbcb9436fa2d3bad06ebb3ca3a3bd3070530f3
SHA256 428aabac2dd45e96519eea54eda3c2fa67dec6e52591d24abb25a87a51571184
SHA512 996298720d37ecd34ed3ff0ddf2a3c1533dacfce0f2435194bab35c251db4e3a06efd19f65565be55fff413db4443863be0a53ce0ff93fa9bf9fa4e98d044d69

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-09 15:36

Reported

2024-06-09 15:40

Platform

android-x64-arm64-20240603-en

Max time kernel

125s

Max time network

132s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description           Indicator      Process  Target
File opened for read  /proc/cpuinfo  N/A      N/A

Checks memory information

Description           Indicator      Process  Target
File opened for read  /proc/meminfo  N/A      N/A

Processes

com.android.chrome

Network

Country  Destination           Domain                    Proto
N/A      224.0.0.251:5353                                udp
GB       142.250.200.42:443                              tcp
GB       142.250.200.42:443                              tcp
GB       142.250.187.238:443                             tcp
US       1.1.1.1:53            android.apis.google.com   udp
GB       142.250.178.14:443    android.apis.google.com   tcp
US       1.1.1.1:53            tria.ge                   udp
US       1.1.1.1:53            accounts.google.com       udp
BE       64.233.167.84:443     accounts.google.com       tcp
US       1.1.1.1:53            accounts.google.com       udp
BE       64.233.166.84:443     accounts.google.com       tcp
US       1.1.1.1:53            tria.ge                   udp
NL       154.61.71.12:443      tria.ge                   tcp
US       1.1.1.1:53            ssl.google-analytics.com  udp
GB       142.250.178.8:443     ssl.google-analytics.com  tcp
US       1.1.1.1:53            clients1.google.com       udp
GB       216.58.201.110:443    clients1.google.com       tcp
US       1.1.1.1:53            update.googleapis.com     udp
GB       142.250.187.227:443   update.googleapis.com     tcp
GB       172.217.169.68:443                              tcp
GB       172.217.169.68:443                              tcp
US       1.1.1.1:53            update.googleapis.com     udp
GB       142.250.187.195:443   update.googleapis.com     tcp

Files

files/dom-0.html

MD5 91db390f5e8cde78560bd2552e992d96
SHA1 d2dfd82a9afae1f04cdc4603e269044a21f9f20a
SHA256 ae0ba444c2626db3f4214a17517e49671ec60a1121735457ec9284a174067123
SHA512 f4327e1b7a2b4dd350e104c55cd6203c4ee8d6c0865163c2ad518ba3a2d94a42fb6f75baafd10185295dc14cdf2c72d4f334f203ebad25382e5e98730e216882