Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file http://spotifydownloader.com was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-14 14:59
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 14:59
Reported
2024-06-14 15:03
Platform
android-x64-20240611.1-en
Max time kernel
117s
Max time network
151s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 66.102.1.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | spotifydownloader.com | udp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | ww1.spotifydownloader.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| GB | 142.250.200.10:443 | | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 172.217.169.68:443 | | tcp |
| GB | 172.217.169.68:443 | | tcp |
| GB | 142.250.200.46:443 | | tcp |
| GB | 216.58.212.238:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
Files
files/dom-0.html
| MD5 | 27801ed820dc43290da0dbd5a8f9f40a |
| SHA1 | 477077731d28a8da2ba797bab14e930d2f5f8b01 |
| SHA256 | e8ca24fa4c9fbd5810c8a1b0524b01136a39504562d1a1bfb80ea6a886b905da |
| SHA512 | 5e808ebf3d74845e0b58f6a696c9689723474e3a3a756dd8a86954c82967c0d290ca54e60d1839d5ba48d256765e1b735d745dff7993c214c00bedd4d9a824ec |
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 14:59
Reported
2024-06-14 15:03
Platform
android-x64-arm64-20240611.1-en
Max time kernel
124s
Max time network
140s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.212.234:443 | | tcp |
| GB | 216.58.212.234:443 | | tcp |
| US | 1.1.1.1:53 | spotifydownloader.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 66.102.1.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | spotifydownloader.com | udp |
| BE | 142.250.110.84:443 | accounts.google.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | ww1.spotifydownloader.com | udp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.179.227:443 | update.googleapis.com | tcp |
| GB | 216.58.212.196:443 | | tcp |
| GB | 216.58.212.196:443 | | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
Files
files/dom-0.html
| MD5 | 27801ed820dc43290da0dbd5a8f9f40a |
| SHA1 | 477077731d28a8da2ba797bab14e930d2f5f8b01 |
| SHA256 | e8ca24fa4c9fbd5810c8a1b0524b01136a39504562d1a1bfb80ea6a886b905da |
| SHA512 | 5e808ebf3d74845e0b58f6a696c9689723474e3a3a756dd8a86954c82967c0d290ca54e60d1839d5ba48d256765e1b735d745dff7993c214c00bedd4d9a824ec |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 14:59
Reported
2024-06-14 15:01
Platform
android-x86-arm-20240611.1-en
Max time kernel
45s
Max time network
42s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | spotifydownloader.com | udp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 50.28.32.8:80 | spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | ww1.spotifydownloader.com | udp |
| DE | 64.190.63.136:80 | ww1.spotifydownloader.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |