Analysis Overview
score
8/10
SHA256
47228c89912ed8f23d684381f780005e20a12597513eb51bd5c4997a5823eb76
Threat Level: Likely malicious
The file TIKTOK 18-tiktok18apps.com.apk was found to be: Likely malicious.
Malicious Activity Summary
Removes its main activity from the application launcher
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-18 04:59
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-18 04:59
Reported
2024-08-18 05:05
Platform
android-x86-arm-20240624-en
Max time kernel
2s
Max time network
320s
Command Line
org.chromium.webapk.a0bd754b328f127e7_v2
Signatures
N/A
Processes
org.chromium.webapk.a0bd754b328f127e7_v2
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | digitalassetlinks.googleapis.com | udp |
| US | 1.1.1.1:53 | fikfap.com | udp |
| US | 104.26.12.205:443 | fikfap.com | tcp |
| US | 104.26.12.205:443 | fikfap.com | tcp |
| US | 1.1.1.1:53 | api.fikfap.com | udp |
| US | 1.1.1.1:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.178.14:443 | analytics.google.com | tcp |
| GB | 64.233.166.155:443 | stats.g.doubleclick.net | tcp |
| US | 104.26.12.205:443 | api.fikfap.com | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 104.26.12.205:443 | api.fikfap.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.179.227:443 | update.googleapis.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | digitalassetlinks.googleapis.com | udp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| GB | 172.217.16.227:80 | tcp | |
| GB | 172.217.16.228:443 | tcp | |
| GB | 142.250.178.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.200.2:443 | tcp | |
| GB | 216.58.213.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.178.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.178.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.187.227:443 | tcp | |
| GB | 142.250.179.238:443 | tcp | |
| GB | 142.250.187.227:443 | tcp | |
| GB | 216.58.213.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.179.238:443 | tcp | |
| GB | 142.250.178.10:443 | digitalassetlinks.googleapis.com | tcp |
| GB | 142.250.187.227:443 | tcp | |
| GB | 142.250.187.227:443 | tcp | |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
Files
N/A
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-18 04:59
Reported
2024-08-18 05:05
Platform
android-x64-20240624-en
Max time kernel
2s
Max time network
316s
Command Line
org.chromium.webapk.a0bd754b328f127e7_v2
Signatures
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Processes
org.chromium.webapk.a0bd754b328f127e7_v2
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | digitalassetlinks.googleapis.com | udp |
| GB | 216.58.213.10:443 | digitalassetlinks.googleapis.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | fikfap.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 104.26.12.205:443 | fikfap.com | tcp |
| US | 104.26.12.205:443 | fikfap.com | tcp |
| US | 1.1.1.1:53 | api.fikfap.com | udp |
| US | 1.1.1.1:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.181:443 | analytics.google.com | tcp |
| GB | 173.194.76.155:443 | stats.g.doubleclick.net | tcp |
| US | 104.26.12.205:443 | api.fikfap.com | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| GB | 142.250.187.206:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 1.1.1.1:53 | digitalassetlinks.googleapis.com | udp |
| GB | 142.250.179.226:443 | tcp | |
| GB | 142.250.187.227:443 | tcp | |
| GB | 142.250.187.227:443 | tcp | |
| US | 1.1.1.1:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| GB | 142.250.187.227:443 | tcp |
Files
N/A