Malware Analysis Report

2024-07-28 09:12

Sample ID 240617-kczcaswfpq
Target https://digidauthuser29334343329320.com/
Tags
Score: 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK Matrix
Analysis: static1
  Detonation Overview
  Signatures
Analysis: behavioral1
  Detonation Overview
  Command Line
  Signatures
  Processes
  Network
  Files

Analysis Overview

Score: 10/10

Threat Level: Known bad

The submitted URL https://digidauthuser29334343329320.com/ was classified as: Known bad.

Malicious Activity Summary

Checks CPU information
Checks memory information

These are the only two signatures fired in the behavioral run (reads of /proc/cpuinfo and /proc/meminfo; see Analysis: behavioral1). Both reads are routine for benign Android software, including the browser used for detonation, and neither is mapped to an ATT&CK technique in this report. The 10/10 score should therefore be read together with the "Known bad" threat level of the URL, not as a conclusion drawn from the observed behaviour, which on its own would not support it.

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-17 08:28

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 08:28

Reported

2024-06-17 08:31

Platform

android-x64-20240611.1-en

Max time kernel

117s

Max time network

147s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description           Indicator      Process  Target
File opened for read  /proc/cpuinfo  N/A      N/A

Checks memory information

Description           Indicator      Process  Target
File opened for read  /proc/meminfo  N/A      N/A

Processes

com.android.chrome

Network

Country  Destination           Domain                            Proto
N/A      224.0.0.251:5353      -                                 udp
US       1.1.1.1:53            accounts.google.com               udp
BE       66.102.1.84:443       accounts.google.com               tcp
US       1.1.1.1:53            digidauthuser29334343329320.com   udp
US       104.21.81.148:443     digidauthuser29334343329320.com   tcp
US       104.21.81.148:443     digidauthuser29334343329320.com   tcp
US       1.1.1.1:53            a.nel.cloudflare.com              udp
US       35.190.80.1:443       a.nel.cloudflare.com              tcp
US       1.1.1.1:53            ssl.google-analytics.com          udp
GB       216.58.201.104:443    ssl.google-analytics.com          tcp
US       1.1.1.1:53            update.googleapis.com             udp
GB       216.58.212.195:443    update.googleapis.com             tcp
US       1.1.1.1:53            android.apis.google.com           udp
GB       142.250.187.206:443   android.apis.google.com           tcp
GB       142.250.200.46:443    -                                 tcp
GB       142.250.200.46:443    -                                 tcp
GB       142.250.179.226:443   -                                 tcp
GB       142.250.179.228:443   -                                 tcp
GB       142.250.179.228:443   -                                 tcp

A "-" in the Domain column marks a connection the report did not tie to a DNS answer. Only the DNS lookup of digidauthuser29334343329320.com and the two tcp rows to 104.21.81.148:443 are attributable to the target. 104.21.81.148 lies in Cloudflare's address space, and the subsequent call to a.nel.cloudflare.com (Network Error Logging) is consistent with a Cloudflare-fronted site, so the IP identifies the CDN edge rather than the origin server and is a weak pivot on its own. The mDNS multicast to 224.0.0.251:5353, the accounts.google.com, update.googleapis.com and android.apis.google.com traffic, and the unresolved tcp rows to 142.250.x.x (Google address space) are consistent with Android and Chrome background activity rather than page behaviour; whether the ssl.google-analytics.com request was triggered by the page cannot be determined from this table alone.
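An added triage helper for the Network table above (example code, not part of this report or of the sandbox's own tooling). It parses the rows exactly as they are flattened here, separates rows attributable to the submitted target from sandbox and Chrome background traffic, lists the names queried over DNS, and flags target IPs that fall inside Cloudflare address space. Two things are assumptions rather than facts from the report: the list of background domain suffixes is a judgement call for this Android platform, and the Cloudflare ranges are a subset of the public list that should be refreshed before use.

```python
"""Triage the Network table of an Android URL detonation report.

Added example, not part of the report or of the sandbox's own tooling.
Parses the flattened rows as they appear in the report, separates traffic
attributable to the target from sandbox/Chrome background noise, and flags
target IPs that sit behind a CDN edge.
"""
import ipaddress
import json
import re
from collections import defaultdict

# Rows copied from the report's Network table: country, ip:port, optional domain, proto.
REPORT_ROWS = """
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
BE 66.102.1.84:443 accounts.google.com tcp
US 1.1.1.1:53 digidauthuser29334343329320.com udp
US 104.21.81.148:443 digidauthuser29334343329320.com tcp
US 104.21.81.148:443 digidauthuser29334343329320.com tcp
US 1.1.1.1:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.212.195:443 update.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
GB 142.250.179.226:443 tcp
GB 142.250.179.228:443 tcp
GB 142.250.179.228:443 tcp
"""

TARGET = "digidauthuser29334343329320.com"

# Assumption: traffic to these suffixes is Android/Chrome background activity
# (account sync, component updates, analytics, NEL reporting), not page behaviour.
BACKGROUND_SUFFIXES = ("google.com", "googleapis.com", "google-analytics.com", "cloudflare.com")

# Assumption: subset of Cloudflare's published IPv4 ranges; refresh from cloudflare.com/ips.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in
                 ("104.16.0.0/13", "104.24.0.0/14", "172.64.0.0/13", "162.158.0.0/15")]

# country, ip:port, optional domain, proto; the domain is absent on unresolved rows.
ROW_RE = re.compile(
    r"^(?P<cc>\S+)\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)"
    r"(?:\s+(?P<domain>[A-Za-z0-9.-]+))?\s+(?P<proto>tcp|udp)$"
)


def parse_rows(text):
    """Return one dict per row; raise on a row the regex does not recognise."""
    rows = []
    for line in text.strip().splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparseable row: {line!r}")
        row = m.groupdict()
        row["port"] = int(row["port"])
        rows.append(row)
    return rows


def _has_suffix(domain, suffixes):
    # Exact match or a dot-separated parent, so "notgoogle.com" never matches "google.com".
    return any(domain == s or domain.endswith("." + s) for s in suffixes)


def classify(row):
    """Bucket a row: multicast, dns, target, background, unresolved or third-party."""
    ip = ipaddress.ip_address(row["ip"])
    domain = row["domain"]
    if ip.is_multicast:
        return "multicast"       # 224.0.0.251:5353 is mDNS, local to the sandbox network
    if row["port"] == 53:
        return "dns"             # resolver query; the queried name is in the domain column
    if domain and _has_suffix(domain, (TARGET,)):
        return "target"
    if domain and _has_suffix(domain, BACKGROUND_SUFFIXES):
        return "background"
    if domain is None:
        return "unresolved"      # connection the report did not tie to a DNS answer
    return "third-party"


def triage(text):
    """Summarise the table: target IOCs, CDN fronting, queried names, per-bucket counts."""
    buckets = defaultdict(list)
    for row in parse_rows(text):
        buckets[classify(row)].append(row)
    target_ips = sorted({r["ip"] for r in buckets["target"]})
    fronted = [ip for ip in target_ips
               if any(ipaddress.ip_address(ip) in net for net in CLOUDFLARE_V4)]
    return {
        "target_domain": TARGET,
        "target_ips": target_ips,
        "cdn_fronted_ips": fronted,   # the origin is hidden behind the CDN edge for these
        "dns_queries": sorted({r["domain"] for r in buckets["dns"] if r["domain"]}),
        "counts": {k: len(v) for k, v in buckets.items()},
    }


if __name__ == "__main__":
    print(json.dumps(triage(REPORT_ROWS), indent=2))
```

Run against the rows above it reports a single target IP, 104.21.81.148, and marks it as CDN-fronted; the remaining seventeen rows fall into the mDNS, DNS, background and unresolved buckets, leaving nothing in third-party. The third-party bucket is where an unexpected host would surface on a report for a page that loads its own resources, so it is the one to read first on other samples.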

Files

files/dom-0.html

MD5 5e62b2b47a6ec2dec05f05989fdd7914
SHA1 289e9c6ac9fa295790bd2da44526377d9259fb26
SHA256 6a3bdcf74e480f41b974e4f4aab59d2a93e7816950deffcaecb78f9777b4f621
SHA512 696b635d269a417aabc68bfd2a88ed7f1e4c3fa7f3d0c5bcbea29a009d10451c582a0fdeb8f74166f0dee4277d079669e91afb823a1724e9205b6ba1f1e75716