Analysis Overview
SHA256
888169a18657fab2ec5e1ef35095f1cf7d7ecb7b4b46dc063050485500a0c0b6
Threat Level: Shows suspicious behavior
The file xbrowser_v5.0.1.906_coolapk-15090-o_1ica49h40hn5p5h1aqsi5c110u13-uid-442310.apk was found to be: Shows suspicious behavior.
Malicious Activity Summary
Obtains sensitive information copied to the device clipboard
A potential corporate email address has been identified in the URL: [email protected]
Queries information about active data network
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-10 13:48
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-10 13:48
Reported
2024-11-10 13:50
Platform
android-x86-arm-20240910-en
Max time kernel
46s
Max time network
160s
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.mmbox.xbrowser
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-10 13:48
Reported
2024-11-10 13:50
Platform
android-x64-20240910-en
Max time kernel
30s
Max time network
157s
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.mmbox.xbrowser
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-10 13:48
Reported
2024-11-10 13:50
Platform
android-x64-arm64-20240910-en
Max time kernel
46s
Max time network
152s
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.mmbox.xbrowser
Network
Files