Malware Analysis Report

2024-09-09 16:20

Sample ID: 240706-nvn6tsxhpk
Target: HWF.apk
SHA256: 9916a032b206aee7efb050687e9cdf44db68c0701909d5f464737abfece9a395
Tags: discovery, impact, persistence, antidot
Score: 10/10

Analysis Overview

Score: 10/10

SHA256: 9916a032b206aee7efb050687e9cdf44db68c0701909d5f464737abfece9a395

Threat Level: Known bad

The file HWF.apk was found to be: Known bad.

Malicious Activity Summary

discovery impact persistence antidot

Antidot family

Antidot payload

Declares services with permission to bind to the system

Requests dangerous framework permissions

Reads information about phone network operator.

Registers a broadcast receiver at runtime (usually for listening for system events)

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-06 11:44

Signatures

Antidot family

antidot

Antidot payload

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Declares services with permission to bind to the system

Description | Indicator | Process | Target
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an app to access location in the background. | android.permission.ACCESS_BACKGROUND_LOCATION | N/A | N/A
Allows an application to read the user's calendar data. | android.permission.READ_CALENDAR | N/A | N/A
Allows an application to write the user's calendar data. | android.permission.WRITE_CALENDAR | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows the app to answer an incoming phone call. | android.permission.ANSWER_PHONE_CALLS | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows read access to the device's phone number(s). | android.permission.READ_PHONE_NUMBERS | N/A | N/A
Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A
Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A
Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A
Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A
Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A
Allows an application to recognize physical activity. | android.permission.ACTIVITY_RECOGNITION | N/A | N/A
Allows an application to read image files from external storage. | android.permission.READ_MEDIA_IMAGES | N/A | N/A
Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-arm64-20240624-en

Max time network

13s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.180.14:443 | | tcp
GB | 142.250.180.14:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 216.58.212.238:443 | android.apis.google.com | tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-20240624-en

Max time network

12s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x86-arm-20240624-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-arm64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x86-arm-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-arm64-20240624-en

Max time network

13s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.180.14:443 | | tcp
GB | 142.250.180.14:443 | | tcp
GB | 142.250.180.14:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x86-arm-20240624-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-20240624-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:49

Platform

android-33-x64-arm64-20240624-en

Max time network

132s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.200.36:443 | | udp
GB | 142.250.200.36:443 | | tcp
N/A | 224.0.0.251:5353 | | udp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.206:443 | android.apis.google.com | tcp
US | 1.1.1.1:53 | rcs-acs-tmo-us.jibe.google.com | udp
US | 216.239.36.155:443 | rcs-acs-tmo-us.jibe.google.com | tcp
US | 1.1.1.1:53 | remoteprovisioning.googleapis.com | udp
GB | 142.250.178.10:443 | remoteprovisioning.googleapis.com | tcp
US | 172.64.41.3:443 | | tcp
US | 172.64.41.3:443 | | tcp
GB | 216.58.201.99:443 | | tcp
US | 172.64.41.3:443 | | udp
GB | 216.58.201.99:443 | | udp
GB | 142.250.200.36:443 | | udp
GB | 216.58.204.68:443 | | udp
GB | 216.58.204.68:443 | | tcp
GB | 216.58.204.68:443 | | tcp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:49

Platform

android-x86-arm-20240624-en

Max time kernel

33s

Max time network

204s

Command Line

com.huawei.health

Signatures

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence

Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact

Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.huawei.health

com.huawei.health:DaemonService

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.200.46:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.206:443 | android.apis.google.com | tcp

Files

/data/data/com.huawei.health/files/mmkv/preference_save_module

/data/data/com.huawei.health/files/mmkv/preference_save_module.crc

/data/data/com.huawei.health/databases/HwCPDatas.db

/data/data/com.huawei.health/databases/HwCPDatas.db-shm

/data/data/com.huawei.health/databases/HwCPDatas.db-wal

/data/data/com.huawei.health/databases/HwCPBackupDatas.db-shm

/data/data/com.huawei.health/databases/HwCPBackupDatas.db-wal

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/dfx_log_14.1.4.171-wearBeta/com.huawei.health_processLog_0.txt

/data/data/com.huawei.health/app_proc_status/proc_status/com.huawei.health

/data/data/com.huawei.health/databases/HwVersion.db-journal

/data/data/com.huawei.health/databases/HwVersion.db

/data/data/com.huawei.health/databases/HwVersion.db-shm

/data/data/com.huawei.health/databases/HwVersion.db-wal

/data/data/com.huawei.health/databases/com_huawei_health101010.db-journal

/data/data/com.huawei.health/databases/com_huawei_health20005.db-journal

/data/data/com.huawei.health/databases/com_huawei_health1020.db-journal

/data/data/com.huawei.health/files/mmkv/10100

/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/com.huawei.health_DaemonService/log.0

Analysis: behavioral17

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-arm64-20240624-en

Max time network

9s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x86-arm-20240624-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:49

Platform

android-x86-arm-20240624-en

Max time network

137s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.200.46:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.206:443 | android.apis.google.com | tcp

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x86-arm-20240624-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-20240624-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:49

Platform

android-x86-arm-20240624-en

Max time kernel

2s

Max time network

131s

Command Line

com.huawei.health

Signatures

N/A

Processes

com.huawei.health

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.200.42:443 | | tcp
US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp
GB | 216.58.204.78:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.206:443 | android.apis.google.com | tcp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-20240624-en

Max time network

11s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x86-arm-20240624-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x86-arm-20240624-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x86-arm-20240624-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:46

Platform

android-x64-arm64-20240624-en

Max time network

12s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.187.206:443 | | tcp
GB | 142.250.187.206:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 216.58.212.206:443 | android.apis.google.com | tcp

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-07-06 11:43

Reported

2024-07-06 11:45

Platform

android-x64-arm64-20240624-en

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A