hxxps://getmyfilenow[.]com/lp?id=Vega%20X%20Windows_05586724

Analysis

max time kernel
1816s
max time network
1811s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
10/06/2024, 21:45 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724

Score

1^/10

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4439

Network

DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.250.187.206
DNS

getmyfilenow.com

Remote address:

1.1.1.1:53

Request

getmyfilenow.com

IN A

Response

getmyfilenow.com

IN A

172.67.204.186

getmyfilenow.com

IN A

104.21.50.104
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

66.102.1.84
DNS

getmyfilenow.com

Remote address:

1.1.1.1:53

Request

getmyfilenow.com

IN A

Response

getmyfilenow.com

IN A

104.21.50.104

getmyfilenow.com

IN A

172.67.204.186
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

173.194.76.84
GET

https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724

Remote address:

104.21.50.104:443

Request

GET /lp?id=Vega%20X%20Windows_05586724 HTTP/2.0
host: getmyfilenow.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 10 Jun 2024 21:45:37 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awdEVlY1ay8XaffOtVHQhhhDjmWssiunxqX9x6q0Zv5qZhJFCXXFgyeSuaa2ZXRi1V4OXt9am5B3%2FFYKlhEO%2FqvkEkoWYDH5lTkgRkaci0Ri8yd9Q0h5d4%2BDGpD313HfUqx7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 891c8ca6bfe571c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724

Remote address:

104.21.50.104:443

Request

GET /lp?id=Vega%20X%20Windows_05586724 HTTP/2.0
host: getmyfilenow.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 10 Jun 2024 21:45:37 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7IBUZMFOY2g0LB0EVHdb3OBUUJtkQy7G2Ns42cbCBZZOi9W8kS8knqiX9%2BAMNeqximGh%2B7WcQ5zA65%2BaYNx6%2BHrpZVxHqPwsDmYiClA8ET%2BRSr4jRUBRh75C7WeJXVEeFkV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 891c8caa7c0271c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://getmyfilenow.com/favicon.ico

Remote address:

104.21.50.104:443

Request

GET /favicon.ico HTTP/2.0
host: getmyfilenow.com
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Mon, 10 Jun 2024 21:45:38 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-store
content-security-policy: default-src 'none'
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 891c8cacfe9971c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

Remote address:

173.194.76.84:443

Request

POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
host: accounts.google.com
content-length: 1
origin: https://www.google.com
content-type: application/x-www-form-urlencoded
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

142.250.179.232
DNS

a.nel.cloudflare.com

Remote address:

1.1.1.1:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38 HTTP/2.0
host: a.nel.cloudflare.com
origin: https://getmyfilenow.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://a.nel.cloudflare.com/report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38

Remote address:

35.190.80.1:443

Request

POST /report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38 HTTP/2.0
host: a.nel.cloudflare.com
content-length: 476
content-type: application/reports+json
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

142.250.187.195
POST

https://update.googleapis.com/service/update2

Remote address:

142.250.187.195:443

Request

POST /service/update2 HTTP/1.1
Content-Length: 687
Content-Type: application/x-www-form-urlencoded
User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; Pixel 2 Build/RSR1.210722.013)
Host: update.googleapis.com
Connection: Keep-Alive
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK

Content-Security-Policy: script-src 'report-sample' 'nonce-r0zMXp2djeSeLULf0Y86Mg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:45:42 GMT
Content-Type: text/xml; charset=UTF-8
X-Daynum: 6370
X-Daystart: 53142
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

172.217.16.227
POST

https://update.googleapis.com/service/update2/json?cup2key=10:1768889082&cup2hreq=0dca423d6c0768d5ce7d2cf660c755c9442dafb8442afcb9a5bb71eb0318a3ab

Remote address:

172.217.16.227:443

Request

POST /service/update2/json?cup2key=10:1768889082&cup2hreq=0dca423d6c0768d5ce7d2cf660c755c9442dafb8442afcb9a5bb71eb0318a3ab HTTP/2.0
host: update.googleapis.com
content-length: 1314
x-goog-update-appid: llkgjffcdpffmhiakmfcdcblohccpfmo,khaoiebndkojlmppeemjhbpbandiljpe,hfnkpimlhhgieaddgfemjhofmfblmnib,jflookgnkcckhobaglndicnbbgbonegd,gcmjkmgdlgnkkcocmoeiminaijmmjnii,giekcmmlnklenlaomppkphknjmnnpneh,ggkkehgbnfjpeggfpleeakpidbkibbmn,bklopemakmnopmghhmccadeonafabnal
x-goog-update-interactivity: bg
x-goog-update-updater: chrome-83.0.4103.106
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 979
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 965
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 975
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 973
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 985
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 899
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 1032
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
POST

https://update.googleapis.com/service/update2/json

Remote address:

172.217.16.227:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 904
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.250.187.238
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.250.187.238
DNS

www.google.com

Remote address:

1.1.1.1:53

Request

www.google.com

IN A

Response

www.google.com

IN A

216.58.201.100

172.217.16.238:443

tls, https

1.5kB
40 B
1
1
142.250.187.206:443

android.apis.google.com

tls

8.8kB
11.7kB
39
38
104.21.50.104:443

https://getmyfilenow.com/favicon.ico

tls, http2

2.6kB
9.5kB
24
21

HTTP Request

GET https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724

HTTP Response

200

HTTP Request

GET https://getmyfilenow.com/lp?id=Vega%20X%20Windows_05586724

HTTP Response

200

HTTP Request

GET https://getmyfilenow.com/favicon.ico

HTTP Response

404
173.194.76.84:443

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

tls, http2

2.2kB
7.8kB
21
17

HTTP Request

POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.250.179.232:443

ssl.google-analytics.com

tls

1.5kB
6.2kB
12
11
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38

tls, http2

3.1kB
5.1kB
21
18

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38

HTTP Request

POST https://a.nel.cloudflare.com/report/v4?s=I%2FvdpbCB6Rqt1nuCbBwlJfb5KZkS6kkKj2gNqEGpf%2FqtRYYMmvHiIsdD57aoE%2Fhzb0HpG7vOjZ5lBLkc3EgQ7B66A3E297AuMxewbdPj1ZWep8X5YmktIlwnpc0OizaYCu38
142.250.187.195:443

https://update.googleapis.com/service/update2

tls, http

2.4kB
7.1kB
15
14

HTTP Request

POST https://update.googleapis.com/service/update2

HTTP Response

200
216.58.212.196:443

tls, https

436 B
40 B
2
1
216.58.212.196:443

www.google.com

tls

11.4kB
11.7kB
34
42
172.217.16.227:443

https://update.googleapis.com/service/update2/json

tls, http2

14.4kB
18.4kB
55
74

HTTP Request

POST https://update.googleapis.com/service/update2/json?cup2key=10:1768889082&cup2hreq=0dca423d6c0768d5ce7d2cf660c755c9442dafb8442afcb9a5bb71eb0318a3ab

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json

HTTP Request

POST https://update.googleapis.com/service/update2/json
142.250.200.1:443

tls

135 B
40 B
2
1
172.217.16.225:443

tls

135 B
40 B
2
1
216.58.212.194:443

tls

135 B
40 B
2
1
142.250.187.238:443

android.apis.google.com

tls

2.2kB
6.2kB
14
14
142.250.187.238:443

android.apis.google.com

tls

2.2kB
6.3kB
14
13
142.251.168.188:5228

tls

80 B
40 B
1
1
216.58.201.100:443

www.google.com

tls

1.4kB
5.6kB
10
11

224.0.0.251:5353

3.7kB
11
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

142.250.187.206
1.1.1.1:53

getmyfilenow.com

dns

62 B
94 B
1
1

DNS Request

getmyfilenow.com

DNS Response

172.67.204.186

104.21.50.104
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

66.102.1.84
1.1.1.1:53

getmyfilenow.com

dns

62 B
94 B
1
1

DNS Request

getmyfilenow.com

DNS Response

104.21.50.104

172.67.204.186
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

173.194.76.84
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

142.250.179.232
1.1.1.1:53

a.nel.cloudflare.com

dns

66 B
82 B
1
1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

142.250.187.195
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

172.217.16.227
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

142.250.187.238
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

142.250.187.238
1.1.1.1:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

216.58.201.100

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
3KB

MD5
4ff15d3b9da603bba8c5c85aa972076f

SHA1
2e5f71b9d3be7cceac5905f0c73774d7e5a37e79

SHA256
05fd9991b8af316ae2e8d6e0f476eab0b3d1f2abd975bf88abf05f79e0f726f3

SHA512
069b894d4ac7dcb5882234ce53e624e4b412e66a516108d9ca4b4632830c7f6dce5b6fc226b4f4de7d9d7d5640a8f7d3344ac2217be9d9e77dc36e7401022072

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.