Analysis Overview
SHA256
a57cd5e6da100b43b807552f98fc2ff97308ca4b777656e7cc3c8146781f8003
Threat Level: No (potentially) malicious behavior was detected
The file fnaf2+aptoide.apk was analysed; no (potentially) malicious behavior was detected.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-03 04:14
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-03 04:14
Reported
2024-08-03 04:18
Platform
android-x86-arm-20240624-en
Max time kernel
115s
Max time network
131s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 216.58.201.106:443 | | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-03 04:14
Reported
2024-08-03 04:18
Platform
android-x64-20240624-en
Max time kernel
116s
Max time network
158s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 108.177.15.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.180.3:443 | update.googleapis.com | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.206:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.204.74:443 | | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-08-03 04:14
Reported
2024-08-03 04:16
Platform
android-x64-arm64-20240624-en
Max time kernel
66s
Max time network
74s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
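The "Checks CPU information" and "Checks memory information" signatures reported for behavioral1, behavioral2 and this run are the same kind of rule: a file-open event whose path matches a fixed indicator. The block below is an added example, not the sandbox's own signature engine, showing how such rules can be expressed and evaluated over a constructed list of file-open events in the shape the report's tables summarise; the event field names, the `Signature` class and the sample events are assumptions for illustration. Note that both rules fire here while the overall verdict stays clean: reading /proc/cpuinfo and /proc/meminfo is also done by ordinary Android runtime code, so on their own these hits are informational rather than evidence of malice.

```python
import re
from dataclasses import dataclass

# Constructed sample events (not taken from the sandbox run): a file-open with
# its access mode, path and the opening process, roughly what the report's
# "File opened for read" rows summarise.
SAMPLE_EVENTS = [
    {"op": "file_open", "mode": "read", "path": "/proc/cpuinfo",
     "process": "com.android.chrome"},
    {"op": "file_open", "mode": "read", "path": "/proc/meminfo",
     "process": "com.android.chrome"},
    {"op": "file_open", "mode": "read", "path": "/proc/self/maps",
     "process": "com.android.chrome"},
    {"op": "file_open", "mode": "write",
     "path": "/storage/emulated/0/Download/.pending-example.apk",
     "process": "com.android.chrome"},
    {"op": "file_open", "mode": "read", "path": "/sys/devices/system/cpu/online",
     "process": "com.android.chrome"},
]


@dataclass(frozen=True)
class Signature:
    """One rule: a human-readable name, the description shown in the hit
    table, and a compiled pattern matched against the opened path."""
    name: str
    description: str
    path_pattern: re.Pattern


# The two rules from the report, written as anchored path matches so that
# e.g. /proc/cpuinfo.bak or /data/proc/cpuinfo would not count.
SIGNATURES = [
    Signature("Checks CPU information", "File opened for read",
              re.compile(r"^/proc/cpuinfo$")),
    Signature("Checks memory information", "File opened for read",
              re.compile(r"^/proc/meminfo$")),
]


def run_signatures(events, signatures=SIGNATURES):
    """Evaluate every signature over every read-open event.

    Returns {signature name: [row, ...]} containing only signatures that
    fired; each row has the four columns used by the report's hit tables.
    """
    hits = {sig.name: [] for sig in signatures}
    for ev in events:
        # Only read-opens are of interest for these two rules; writes and
        # other operations are ignored rather than matched by path alone.
        if ev.get("op") != "file_open" or ev.get("mode") != "read":
            continue
        for sig in signatures:
            if sig.path_pattern.search(ev["path"]):
                hits[sig.name].append({
                    "Description": sig.description,
                    "Indicator": ev["path"],
                    # The sandbox report shows N/A where attribution is lost;
                    # mirror that instead of emitting an empty cell.
                    "Process": ev.get("process") or "N/A",
                    "Target": ev.get("target") or "N/A",
                })
    return {name: rows for name, rows in hits.items() if rows}


def render(hits):
    """Render fired signatures as the report's 'name + markdown table' layout."""
    lines = []
    for name, rows in hits.items():
        lines.append(name)
        lines.append("| Description | Indicator | Process | Target |")
        for r in rows:
            lines.append(f"| {r['Description']} | {r['Indicator']} | "
                         f"{r['Process']} | {r['Target']} |")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(run_signatures(SAMPLE_EVENTS)))
```

Because the rules are anchored exact-path matches, the `/proc/self/maps` and `/sys/devices/system/cpu/online` reads in the sample do not fire; if you want a broader "environment fingerprinting" rule, widen the pattern deliberately rather than matching on a substring.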
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | web-static.archive.org | udp |
| US | 207.241.237.2:443 | web-static.archive.org | tcp |
| US | 207.241.237.2:443 | web-static.archive.org | tcp |
| US | 207.241.237.2:443 | web-static.archive.org | tcp |
| US | 207.241.237.2:443 | web-static.archive.org | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | wayback-api.archive.org | udp |
| US | 1.1.1.1:53 | archive.org | udp |
| US | 1.1.1.1:53 | web.archive.org | udp |
| US | 207.241.237.8:443 | wayback-api.archive.org | tcp |
| US | 207.241.224.2:443 | archive.org | tcp |
| US | 207.241.224.2:443 | archive.org | tcp |
| US | 207.241.224.2:443 | archive.org | tcp |
| US | 207.241.237.3:443 | web.archive.org | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.180.3:443 | update.googleapis.com | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.213.3:443 | update.googleapis.com | tcp |
Files
/storage/emulated/0/Download/.pending-1723263313-fnaf2 aptoide.apk (deleted)
| MD5 | 7e244260fba0e0318d182953fd054ecb |
| SHA1 | 819fcd3ea8733e39f8c4c63b65192fc939bbab83 |
| SHA256 | c01b58c23c3b0841a7356406620f2749ecba99b079ce660279286d0833a11484 |
| SHA512 | 953290bb330abf9fd29eea44b9e8a6a45f8fbc3b298c76ed99dd4371561797d96ca067b9486d5b167a635c6dff7cb48ffa696304c7ccc1f85a9a6a2050f7390f |
/storage/emulated/0/Download/.pending-1723263313-fnaf2 aptoide.apk
| MD5 | 154741d5256128ec24b13fb1132ac24e |
| SHA1 | a836264c3bcc90b9977e057c64e0178c4cc55ffd |
| SHA256 | f7bff63427ecc7bd068e35d8d94bcd8912c79f2a53bb7e3ad735e614064c3c13 |
| SHA512 | 43944b6ca61e1697ab12a38209e0e2412bc992b3756a141e150c13317f88acec7c131232cb402f3230dc515b792967f62532282f5537a49bba934c87f035b3da |