Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file http://pornhub.com was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-10 12:29
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 12:29
Reported
2024-06-10 12:31
Platform
android-x86-arm-20240603-en
Max time kernel
56s
Max time network
51s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | pornhub.com | udp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 66.254.114.41:443 | pornhub.com | tcp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| US | 1.1.1.1:53 | prvc.io | udp |
| GB | 142.250.200.46:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| US | 1.1.1.1:53 | prvc.io | udp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phncdn.com | tcp |
| US | 1.1.1.1:53 | prvc.io | udp |
| US | 172.67.177.254:443 | prvc.io | tcp |
| US | 1.1.1.1:53 | media.trafficjunky.net | udp |
| US | 1.1.1.1:53 | cdn1-smallimg.phncdn.com | udp |
| US | 1.1.1.1:53 | static.trafficjunky.com | udp |
| GB | 64.210.156.23:443 | static.trafficjunky.com | tcp |
| US | 1.1.1.1:53 | media.trafficjunky.net | udp |
| GB | 64.210.156.23:443 | media.trafficjunky.net | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | cdn1-smallimg.phncdn.com | udp |
| GB | 64.210.156.18:443 | media.trafficjunky.net | tcp |
| US | 1.1.1.1:53 | ht-cdn.trafficjunky.net | udp |
| US | 1.1.1.1:53 | qckload.com | udp |
| GB | 64.210.156.18:443 | ht-cdn.trafficjunky.net | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | ht-cdn2.adtng.com | udp |
| US | 1.1.1.1:53 | ht-cdn2.adtng.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 64.210.156.19:443 | ht-cdn2.adtng.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | qckload.com | udp |
| US | 34.225.210.0:443 | qckload.com | tcp |
| US | 34.225.210.0:443 | qckload.com | tcp |
| US | 1.1.1.1:53 | cdn1-smallimg.phncdn.com | udp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| US | 1.1.1.1:53 | dg-videos.b-cdn.net | udp |
| US | 1.1.1.1:53 | ht-cdn2.adtng.com | udp |
| US | 1.1.1.1:53 | dg-videos.b-cdn.net | udp |
| FR | 143.244.56.49:443 | dg-videos.b-cdn.net | tcp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| GB | 64.210.156.21:443 | ht-cdn2.adtng.com | tcp |
| FR | 185.93.2.245:443 | dg-videos.b-cdn.net | tcp |
| FR | 143.244.56.49:443 | dg-videos.b-cdn.net | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| DE | 18.197.208.17:443 | www.securegfm2.com | tcp |
| GB | 172.217.169.74:443 | tcp | |
| GB | 172.217.169.74:443 | tcp | |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| US | 1.1.1.1:53 | storage.googleapis.com | udp |
| GB | 216.58.212.251:443 | storage.googleapis.com | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-10 12:29
Reported
2024-06-10 12:31
Platform
android-x64-20240603-en
Max time kernel
55s
Max time network
66s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.201.106:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | pornhub.com | udp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| US | 66.254.114.41:443 | pornhub.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.22:443 | ei.phncdn.com | tcp |
| US | 1.1.1.1:53 | prvc.io | udp |
| US | 172.67.177.254:443 | prvc.io | tcp |
| GB | 216.58.201.106:443 | tcp | |
| US | 1.1.1.1:53 | media.trafficjunky.net | udp |
| US | 1.1.1.1:53 | cdn1-smallimg.phncdn.com | udp |
| GB | 64.210.156.23:443 | media.trafficjunky.net | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 1.1.1.1:53 | static.trafficjunky.com | udp |
| GB | 64.210.156.23:443 | media.trafficjunky.net | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 1.1.1.1:53 | static.trafficjunky.com | udp |
| GB | 64.210.156.20:443 | static.trafficjunky.com | tcp |
| GB | 64.210.156.20:443 | static.trafficjunky.com | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| GB | 216.58.212.238:443 | analytics.google.com | tcp |
| BE | 64.233.184.157:443 | stats.g.doubleclick.net | tcp |
| GB | 64.210.156.22:443 | static.trafficjunky.com | tcp |
| US | 1.1.1.1:53 | qckload.com | udp |
| US | 34.225.210.0:443 | qckload.com | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 142.250.178.14:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | hw-cdn2.adtng.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| US | 1.1.1.1:53 | dg-videos.b-cdn.net | udp |
| DE | 18.197.208.17:443 | www.securegfm2.com | tcp |
| FR | 143.244.56.49:443 | dg-videos.b-cdn.net | tcp |
| US | 1.1.1.1:53 | hw-cdn2.adtng.com | udp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| GB | 64.210.156.1:443 | hw-cdn2.adtng.com | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | storage.googleapis.com | udp |
| GB | 172.217.169.59:443 | storage.googleapis.com | tcp |
| GB | 216.58.212.227:443 | update.googleapis.com | tcp |
| GB | 142.250.200.36:443 | tcp | |
| GB | 142.250.200.36:443 | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-10 12:29
Reported
2024-06-10 12:31
Platform
android-x64-arm64-20240603-en
Max time kernel
58s
Max time network
60s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.200.42:443 | tcp | |
| GB | 142.250.200.42:443 | tcp | |
| GB | 142.250.187.238:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | pornhub.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | pornhub.com | udp |
| US | 66.254.114.41:80 | pornhub.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 66.254.114.41:443 | pornhub.com | tcp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | www.pornhub.com | udp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | ei.phncdn.com | udp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| US | 1.1.1.1:53 | media.trafficjunky.net | udp |
| US | 1.1.1.1:53 | prvc.io | udp |
| US | 1.1.1.1:53 | cdn1-smallimg.phncdn.com | udp |
| US | 1.1.1.1:53 | static.trafficjunky.com | udp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.17:443 | static.trafficjunky.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 1.1.1.1:53 | media.trafficjunky.net | udp |
| US | 1.1.1.1:53 | prvc.io | udp |
| GB | 64.210.156.23:443 | media.trafficjunky.net | tcp |
| US | 104.21.56.52:443 | prvc.io | tcp |
| GB | 64.210.156.20:443 | media.trafficjunky.net | tcp |
| US | 1.1.1.1:53 | clients1.google.com | udp |
| GB | 216.58.212.238:443 | clients1.google.com | tcp |
| US | 1.1.1.1:53 | ht-cdn.trafficjunky.net | udp |
| US | 1.1.1.1:53 | qckload.com | udp |
| GB | 64.210.156.20:443 | ht-cdn.trafficjunky.net | tcp |
| US | 1.1.1.1:53 | hw-cdn2.adtng.com | udp |
| GB | 64.210.156.0:443 | hw-cdn2.adtng.com | tcp |
| US | 1.1.1.1:53 | qckload.com | udp |
| US | 34.225.210.0:443 | qckload.com | tcp |
| US | 34.225.210.0:443 | qckload.com | tcp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| US | 1.1.1.1:53 | dg-videos.b-cdn.net | udp |
| FR | 143.244.56.51:443 | dg-videos.b-cdn.net | tcp |
| US | 1.1.1.1:53 | www.securegfm2.com | udp |
| DE | 18.197.208.17:443 | www.securegfm2.com | tcp |
| US | 1.1.1.1:53 | storage.googleapis.com | udp |
| US | 1.1.1.1:53 | storage.googleapis.com | udp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| GB | 172.217.169.68:443 | tcp | |
| GB | 172.217.169.68:443 | tcp | |
| US | 1.1.1.1:53 | ew.phncdn.com | udp |
| GB | 64.210.156.17:443 | ew.phncdn.com | tcp |
| US | 1.1.1.1:53 | cdn1d-static-shared.phncdn.com | udp |
| US | 1.1.1.1:53 | ss.phncdn.com | udp |
| US | 1.1.1.1:53 | etahub.com | udp |
| US | 66.254.114.62:443 | etahub.com | tcp |
| US | 66.254.114.62:443 | etahub.com | tcp |
| US | 66.254.114.62:443 | etahub.com | tcp |
| GB | 64.210.156.21:443 | cdn1d-static-shared.phncdn.com | tcp |
| US | 1.1.1.1:53 | go.mnaspm.com | udp |
| US | 172.64.147.206:443 | go.mnaspm.com | tcp |
| US | 1.1.1.1:53 | creative.mnaspm.com | udp |
| US | 1.1.1.1:53 | ss.phncdn.com | udp |
| GB | 64.210.156.0:443 | hw-cdn2.adtng.com | tcp |
| US | 1.1.1.1:53 | creative.mnaspm.com | udp |
| US | 1.1.1.1:53 | img.stripcdn.com | udp |
| US | 1.1.1.1:53 | st.stripcdn.com | udp |
| US | 1.1.1.1:53 | img.stripcdn.com | udp |
| US | 1.1.1.1:53 | st.stripcdn.com | udp |
| US | 1.1.1.1:53 | img.stripcdn.com | udp |
| US | 1.1.1.1:53 | st.stripcdn.com | udp |
| US | 172.64.147.206:443 | creative.mnaspm.com | tcp |
| US | 1.1.1.1:53 | video.ktkjmp.com | udp |
| US | 104.18.53.225:443 | video.ktkjmp.com | tcp |
| US | 1.1.1.1:53 | img.strpst.com | udp |
| US | 1.1.1.1:53 | stripchat.com | udp |
| US | 104.17.11.106:443 | img.strpst.com | tcp |
| US | 104.17.11.106:443 | img.strpst.com | tcp |
| US | 104.17.118.12:443 | stripchat.com | tcp |