Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://www.mediafire.com/file/nxmlwhc2ekzga3y/MonikaAfterStoryv0.12.5.1.apk/file was analysed; no (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-14 23:23
Signatures
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-14 23:23
Reported
2024-06-14 23:55
Platform
android-x86-arm-20240611.1-en
Max time kernel
1824s
Max time network
1828s
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | 679598bb81cb569d22bcbc2c7a5eb705 |
| SHA1 | 71a4f2a9347f4e9353c8761cb229b48351c248fe |
| SHA256 | 7847b0a17709614c8e2ddb3e3ee5c082a7d55564b3d160776a6560f9099670c9 |
| SHA512 | b1232a86a0be6572ee1f571a03cd4a6a2d5fee25f144a26a7c7001dd8fb75bfcbc6a78e0710c37bfe47e660013cc12b49e1f8a3230038371bb6bd49ca557b2eb |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 23:23
Reported
2024-06-15 00:05
Platform
android-x64-20240611.1-en
Max time kernel
2129s
Max time network
2226s
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
com.android.chrome
Network
Files
/storage/emulated/0/Android/data/com.android.chrome/files/Download/Unconfirmed 258808.crdownload
| MD5 | d0fbfca3d52fe828c0d41c77b3c66387 |
| SHA1 | 67607cf4e2f21724349812d8e825e99a54e753b8 |
| SHA256 | 253557ee1b4a18a639917aeedd1b54fccda688b6b3bd093b9c165ab0e81d5541 |
| SHA512 | 5790beb091ee403bd00928dcff030664aa1b63813bf4f9dd50d393a320d9d8b62c018a395287666c7182f8ca3e050ddbe21eeabd6c6e54fee3f488d2425051a7 |
files/dom-0.html
| MD5 | 1ac243bd62fbacc4a8771495ec272c14 |
| SHA1 | 5cd787fe1d5946b16a53fea76c1942abb2485ee0 |
| SHA256 | 8279d895d9e2f0880491b34d0a6122ec9fec37eb65f1bd153d756d869deb23d1 |
| SHA512 | fae74a1c8d472157b0e4179e8d11b52d31d1c1c15314799b2b4f672ce087becd73400c3b20f55aa27cfb216d25bbc3d02fd3a0d7577beaa3616170abfb45a7dc |
files/dom-1.html
| MD5 | d50ee7e564cb7a82d7f9cfd93c989787 |
| SHA1 | 6463e4443338d62614aa9e4924db0f12a73fd240 |
| SHA256 | 37f16fb766433edecbed3565d18d96ff8a67db3ea9d77023fb6bd9267b7f4727 |
| SHA512 | dc6b38cbaeb6329910bf580078f9edb6aa653e4ea260e83baf1ea5603705a1154bc8a6d1246fffc73d4d3efb4c9cce5689cb9cf37355cee145723598aef5be19 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 23:23
Reported
2024-06-14 23:55
Platform
android-x64-arm64-20240611.1-en
Max time kernel
1827s
Max time network
1824s
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | c14852c80f8d226149b6bf62716000be |
| SHA1 | 3d74d4faa796ec81fd68b3fffa9dc735f55f217d |
| SHA256 | 18c6c768ab290caec09bba359905f332f51058f9682aa39588528ba7bb9ce29c |
| SHA512 | e48b7c165fbe14a0b01535bf0a1e8b29bc79ebffc925c89d2416b87fedbfa3df976fdb1f05d99a1b6ac7530f4aa18e5b433535aa3510dda9bfd019433db5f5a3 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 23:23
Reported
2024-06-14 23:54
Platform
android-33-x64-arm64-20240611.1-en
Max time kernel
39s
Max time network
1687s
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network