Analysis Overview

score

1^/10

Threat Level: No (potentially) malicious behavior was detected

The file https://tria.ge/dashboard was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

Checks CPU information

Checks memory information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 22:34

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 22:34

Reported

2024-06-13 22:40

Platform

android-x64-arm64-20240611.1-en

Max time kernel

338s

Max time network

344s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description	Indicator	Process	Target
File opened for read	/proc/cpuinfo	N/A	N/A

Checks memory information

Description	Indicator	Process	Target
File opened for read	/proc/meminfo	N/A	N/A

Processes

com.android.chrome

Network

Country	Destination	Domain	Proto
N/A	224.0.0.251:5353		udp
US	1.1.1.1:53	tria.ge	udp
US	1.1.1.1:53	accounts.google.com	udp
BE	64.233.167.84:443	accounts.google.com	tcp
US	1.1.1.1:53	accounts.google.com	udp
US	1.1.1.1:53	tria.ge	udp
BE	142.251.173.84:443	accounts.google.com	tcp
NL	154.61.71.12:443	tria.ge	tcp
US	1.1.1.1:53	clients1.google.com	udp
GB	142.250.187.206:443	clients1.google.com	tcp
US	1.1.1.1:53	ssl.google-analytics.com	udp
GB	142.250.187.232:443	ssl.google-analytics.com	tcp
US	1.1.1.1:53	update.googleapis.com	udp
US	1.1.1.1:53	static.xx.fbcdn.net	udp
GB	157.240.214.11:443	static.xx.fbcdn.net	tcp
US	1.1.1.1:53	www.google.com	udp
GB	142.250.187.228:443	www.google.com	tcp
GB	142.250.187.228:443	www.google.com	tcp
GB	142.250.187.238:443		tcp
GB	142.250.187.228:443	www.google.com	tcp
US	1.1.1.1:53	android.apis.google.com	udp
GB	142.250.187.206:443	android.apis.google.com	tcp
US	1.1.1.1:53	encrypted-tbn0.gstatic.com	udp
GB	142.250.200.46:443	encrypted-tbn0.gstatic.com	tcp
GB	172.217.169.3:443	update.googleapis.com	tcp
US	1.1.1.1:53	lh5.googleusercontent.com	udp
GB	142.250.179.225:443	lh5.googleusercontent.com	tcp
US	1.1.1.1:53	lh5.googleusercontent.com	udp
GB	142.250.200.1:443	lh5.googleusercontent.com	tcp
GB	142.250.200.1:443	lh5.googleusercontent.com	tcp
GB	142.250.200.1:443	lh5.googleusercontent.com	tcp
US	1.1.1.1:53	play.google.com	udp
GB	142.250.179.238:443	play.google.com	tcp
US	1.1.1.1:53	policies.google.com	udp
GB	142.250.178.14:443	policies.google.com	tcp
GB	142.250.178.14:443	policies.google.com	tcp
US	1.1.1.1:53	apis.google.com	udp
US	1.1.1.1:53	www.google.com	udp
GB	216.58.204.68:443	www.google.com	tcp
US	1.1.1.1:53	region1.google-analytics.com	udp
US	1.1.1.1:53	ssl.gstatic.com	udp
US	216.239.34.36:443	region1.google-analytics.com	tcp
GB	142.250.187.227:443	ssl.gstatic.com	tcp
GB	142.250.179.228:443		tcp
GB	142.250.179.228:443		tcp
US	1.1.1.1:53	consent.google.com	udp
GB	216.58.201.110:443	consent.google.com	tcp
US	1.1.1.1:53	cdn.ampproject.org	udp
GB	142.250.180.1:443	cdn.ampproject.org	tcp
GB	142.250.180.1:443	cdn.ampproject.org	tcp
US	1.1.1.1:53	update.googleapis.com	udp
US	1.1.1.1:53	id.google.com	udp
US	1.1.1.1:53	encrypted-tbn0.gstatic.com	udp
GB	172.217.169.78:443	encrypted-tbn0.gstatic.com	tcp
GB	172.217.169.78:443	encrypted-tbn0.gstatic.com	tcp
US	1.1.1.1:53	casinobetzone.com	udp
US	1.1.1.1:53	casinobetzone.com	udp
US	8.8.8.8:53	google.com	udp
US	1.1.1.1:53	google.com	udp
US	1.1.1.1:53	casinobetzone.com	udp
US	8.8.4.4:53	google.com	udp
US	1.1.1.1:53	casinobetzone.com	udp
US	1.1.1.1:53	google.com	udp
US	8.8.4.4:53	google.com	udp
US	1.1.1.1:53	encrypted-tbn1.gstatic.com	udp
GB	142.250.200.14:443	encrypted-tbn1.gstatic.com	tcp
GB	142.250.200.14:443	encrypted-tbn1.gstatic.com	tcp
US	1.1.1.1:53	www.bet365.com	udp
GB	5.226.179.10:443	www.bet365.com	tcp
GB	5.226.179.10:443	www.bet365.com	tcp
US	1.1.1.1:53	premws-pt3.365lpodds.com	udp
US	1.1.1.1:53	pshudws.365lpodds.com	udp
GB	5.226.179.25:443	pshudws.365lpodds.com	tcp
GB	5.226.179.25:443	pshudws.365lpodds.com	tcp
US	1.1.1.1:53	find-and-update.company-information.service.gov.uk	udp
GB	13.43.24.66:443	find-and-update.company-information.service.gov.uk	tcp
GB	13.43.24.66:443	find-and-update.company-information.service.gov.uk	tcp
US	1.1.1.1:53	d3g3zt9unvz37o.cloudfront.net	udp
US	1.1.1.1:53	d3g3zt9unvz37o.cloudfront.net	udp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
GB	18.245.150.165:443	d3g3zt9unvz37o.cloudfront.net	tcp
US	1.1.1.1:53	matomo.companieshouse.gov.uk	udp
US	1.1.1.1:53	matomo.companieshouse.gov.uk	udp
US	1.1.1.1:53	matomo.companieshouse.gov.uk	udp
GB	35.177.227.228:443	matomo.companieshouse.gov.uk	tcp
US	1.1.1.1:53	static.xx.fbcdn.net	udp
GB	163.70.151.21:443	static.xx.fbcdn.net	tcp
US	1.1.1.1:53	www.google.com	udp
US	1.1.1.1:53	www.google.com	udp
US	1.1.1.1:53	www.google.com	udp
US	1.1.1.1:53	twitter.com	udp
US	104.244.42.129:443	twitter.com	tcp
US	104.244.42.129:443	twitter.com	tcp
US	1.1.1.1:53	x.com	udp
US	1.1.1.1:53	abs.twimg.com	udp
US	1.1.1.1:53	api.twitter.com	udp
US	1.1.1.1:53	api.x.com	udp
GB	199.232.56.159:443	abs.twimg.com	tcp
US	104.244.42.2:443	api.twitter.com	tcp
US	104.244.42.194:443	api.x.com	tcp
US	1.1.1.1:53	pbs.twimg.com	udp
US	1.1.1.1:53	t.co	udp
PL	93.184.221.165:443	t.co	tcp
GB	199.232.56.159:443	abs.twimg.com	tcp
US	1.1.1.1:53	abs-0.twimg.com	udp
US	1.1.1.1:53	video.twimg.com	udp
US	104.244.43.131:443	abs-0.twimg.com	tcp
BE	151.101.8.158:443	video.twimg.com	tcp
US	1.1.1.1:53	pbs.twimg.com	udp
GB	199.232.56.159:443	pbs.twimg.com	tcp
US	104.244.42.194:443	api.x.com	tcp
BE	142.251.173.84:443	accounts.google.com	tcp
US	1.1.1.1:53	static.ads-twitter.com	udp
BE	151.101.8.157:443	static.ads-twitter.com	tcp
US	1.1.1.1:53	analytics.x.com	udp
US	104.244.42.195:443	analytics.x.com	tcp
US	104.244.42.195:443	analytics.x.com	tcp
US	1.1.1.1:53	www.casinobetzone380.com	udp
DE	185.162.229.2:80	www.casinobetzone380.com	tcp
DE	185.162.229.2:80	www.casinobetzone380.com	tcp
US	1.1.1.1:53	performance.radar.cloudflare.com	udp
US	104.18.31.78:443	performance.radar.cloudflare.com	tcp
US	1.1.1.1:53	www.cloudflare.com	udp
US	1.1.1.1:53	sparrow.cloudflare.com	udp
US	104.18.2.57:443	sparrow.cloudflare.com	tcp
US	1.1.1.1:53	i.ytimg.com	udp
GB	142.250.187.214:443	i.ytimg.com	tcp
GB	142.250.187.214:443	i.ytimg.com	tcp
GB	142.250.187.214:443	i.ytimg.com	tcp
US	1.1.1.1:53	www.youtube.com	udp
US	1.1.1.1:53	googleads.g.doubleclick.net	udp
US	1.1.1.1:53	static.doubleclick.net	udp
GB	216.58.204.66:443	googleads.g.doubleclick.net	tcp
GB	142.250.179.230:443	static.doubleclick.net	tcp
US	1.1.1.1:53	jnn-pa.googleapis.com	udp
GB	142.250.178.10:443	jnn-pa.googleapis.com	tcp
GB	142.250.179.238:443	www.youtube.com	tcp
US	1.1.1.1:53	www.google.com	udp
US	1.1.1.1:53	casinobetzone380.com	udp
DE	185.162.229.2:443	casinobetzone380.com	tcp
DE	185.162.229.2:443	casinobetzone380.com	tcp
US	1.1.1.1:53	a.nel.cloudflare.com	udp
US	35.190.80.1:443	a.nel.cloudflare.com	tcp
GB	142.250.187.202:443	jnn-pa.googleapis.com	tcp
GB	142.250.187.202:443	jnn-pa.googleapis.com	tcp
GB	142.250.200.2:443		tcp
US	1.1.1.1:53	static.xx.fbcdn.net	udp
US	1.1.1.1:53	static.xx.fbcdn.net	udp
GB	163.70.151.21:443	static.xx.fbcdn.net	tcp
GB	163.70.151.21:443	static.xx.fbcdn.net	tcp
GB	216.58.212.227:443		tcp
US	1.1.1.1:53	betzone.com	udp
US	1.1.1.1:53	betzone.com	udp
US	1.1.1.1:53	betzone.com	udp
US	1.1.1.1:53	betzone.com	udp
US	1.1.1.1:53	google.com	udp
US	8.8.4.4:53	google.com	udp
US	1.1.1.1:53	betzone.com	udp
NL	185.24.220.37:80	betzone.com	tcp
NL	185.24.220.37:80	betzone.com	tcp
NL	185.24.220.37:80	betzone.com	tcp
US	1.1.1.1:53	misli.com	udp
TR	91.93.121.190:80	misli.com	tcp
TR	91.93.121.190:80	misli.com	tcp
TR	91.93.121.190:80	misli.com	tcp
GB	172.217.16.228:443	www.google.com	tcp
GB	172.217.16.228:443	www.google.com	tcp
GB	172.217.16.228:443	www.google.com	tcp
US	1.1.1.1:53	www.misli.com	udp
TR	91.93.121.190:443	www.misli.com	tcp
TR	91.93.121.190:443	www.misli.com	tcp
TR	91.93.121.190:443	www.misli.com	tcp
US	1.1.1.1:53	st.misli.com	udp
GB	138.113.101.21:443	st.misli.com	tcp
GB	138.113.101.21:443	st.misli.com	tcp
GB	138.113.101.21:443	st.misli.com	tcp
GB	138.113.101.21:443	st.misli.com	tcp
US	1.1.1.1:53	wsvx.misli.com	udp
GB	138.113.101.21:443	st.misli.com	tcp
TR	176.236.147.133:443	wsvx.misli.com	tcp
US	1.1.1.1:53	aggr.misli.com	udp
US	1.1.1.1:53	apivx.misli.com	udp
TR	91.93.121.190:443	www.misli.com	tcp
TR	176.236.147.133:443	wsvx.misli.com	tcp
TR	176.236.147.133:443	wsvx.misli.com	tcp
TR	176.236.147.130:443	apivx.misli.com	tcp
TR	176.236.147.133:443	wsvx.misli.com	tcp
TR	176.236.147.142:443	aggr.misli.com	tcp
TR	176.236.147.142:443	aggr.misli.com	tcp
TR	176.236.147.133:443	wsvx.misli.com	tcp
TR	176.236.147.130:443	apivx.misli.com	tcp
TR	176.236.147.142:443	aggr.misli.com	tcp

Files

files/dom-0.html

MD5	a7b733f0c2d93be24a0de1fb7aac01b7
SHA1	fc82d33456127892c3465b3e1f0af4f05d3e1476
SHA256	cb2d8ae800420ea31fcae7192e617236077cbaaac72575a8d2e8f267ea9758f8
SHA512	32308589fa0214c071ee2191f64af25d491b67865d5dddc3b9dfc89764458a7b4c6ecacc66ed7c55aea6d722bb3e1c1933b6cc7882c053b19cadf0b7ff7c30e3

Sample ID	240613-2g8vzatakh
Target	https://tria.ge/dashboard
Tags

Malware Analysis Report

2024-07-28 14:28

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

Malicious Activity Summary

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files