Malware Analysis Report

2024-10-16 06:44

Sample ID 241008-zdbpystflr
Target https://google.com/bebra.dod
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://google.com/bebra.dod was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Checks CPU information

Checks memory information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-08 20:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-08 20:35

Reported

2024-10-08 20:52

Platform

android-x86-arm-20240624-en

Max time kernel

982s

Max time network

998s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network


Files

/storage/emulated/0/Download/.com.google.Chrome.KfbPYL


/storage/emulated/0/Download/Unconfirmed 218132.crdownload


files/dom-0.html


/storage/emulated/0/Download/Download and installation help.mhtml


/storage/emulated/0/Download/Temporary Phone Number APK for Android Download.mhtml


/storage/emulated/0/Download/Unconfirmed 346748.crdownload
