Analysis Overview
Threat Level: Known bad
The submitted URL http://rastreo-interrapidisimo.co (detonated in com.android.chrome, see the behavioral runs below) was found to be: Known bad.
Malicious Activity Summary
Checks CPU information
Checks memory information
Both signatures are reads of /proc/cpuinfo and /proc/meminfo that the report attributes to no process (the only process observed is com.android.chrome). On their own they are environment fingerprinting that ordinary software performs and do not establish malicious behaviour by the site; the verdict should be read against the URL itself and the network activity below.
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-30 13:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-30 13:23
Reported
2024-11-30 13:26
Platform
android-x86-arm-20240624-en
Max time kernel
121s
Max time network
138s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | rastreo-interrapidisimo.co | udp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | www.cloudflare.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.3:443 | update.googleapis.com | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| GB | 142.250.179.234:443 | | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:443 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:443 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | www.herokucdn.com | udp |
| GB | 18.245.218.95:443 | www.herokucdn.com | tcp |
Files
files/dom-0.html
| MD5 | 9c50eab5c448548b797f1a34a6f8cff7 |
| SHA1 | bbf0d53511ddfe67bf8d0ee225482a0123b8650f |
| SHA256 | 9ad10ef1aa4feb9ced6bf0d1da15d387372832ad3c23a5ad545a8bb4f020b05c |
| SHA512 | ed8de02a6ecf5ff32f0b277a2f774c2f87f35bf996d4c92ea6aa15d2bd8b8daef1f1d9185d39040986a521e37eea3e0331105abe6b323782998cb5abc7e6dd77 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-30 13:23
Reported
2024-11-30 13:26
Platform
android-x64-20240624-en
Max time kernel
117s
Max time network
139s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 142.250.110.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | rastreo-interrapidisimo.co | udp |
| US | 172.67.214.251:80 | rastreo-interrapidisimo.co | tcp |
| US | 172.67.214.251:80 | rastreo-interrapidisimo.co | tcp |
| US | 172.67.214.251:80 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | www.cloudflare.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.200.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | www.cloudflare.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 142.250.179.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.179.234:443 | | tcp |
| GB | 216.58.201.98:443 | | tcp |
| GB | 172.217.169.46:443 | | tcp |
Files
files/dom-0.html
| MD5 | 9c5b9665c962814d1a7ab7a5a893cff1 |
| SHA1 | 4611029886811e9e82fddb34c6c511da13e6677a |
| SHA256 | a1d6f4cd90e571e22c01126adc2bd134e99d8c58786ead45b1d619fd17415ce2 |
| SHA512 | 3884f27cb4b925241571e59189a9cb6dda849170991f1fc228ac9f4d1d0165e0999e34b5754e16344223d687fe14af8e44be1b09bc575ba212d154b4c9f20d39 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-30 13:23
Reported
2024-11-30 13:26
Platform
android-x64-arm64-20240624-en
Max time kernel
124s
Max time network
150s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.206:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | rastreo-interrapidisimo.co | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | rastreo-interrapidisimo.co | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | www.cloudflare.com | udp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | www.cloudflare.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.16.227:443 | update.googleapis.com | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
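The three behavioral network tables above mix the submitted domain's traffic with resolver queries, mDNS chatter, and Chrome/Android telemetry (update.googleapis.com, android.apis.google.com, accounts.google.com, www.cloudflare.com) that appears in every Android detonation. The script below is an added example, not part of this report or the sandbox's own tooling: it parses rows in the table format used here (including the mis-aligned rows where a destination has no domain and the protocol sits in the domain column), discards the baseline noise, and returns the indicators tied to the submitted domain. The sample rows are a constructed subset copied from the tables above; the baseline domain list and the Cloudflare proxy ranges (104.16.0.0/12, 172.64.0.0/13) are this example's own assumptions.

```python
"""Pull actionable indicators out of a sandbox network table (added example)."""
import ipaddress

# Constructed sample: a subset of rows from the report's network tables, kept in the
# original mis-aligned form where rows without a domain carry the proto in the domain column.
NETWORK_ROWS = """\
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | rastreo-interrapidisimo.co | udp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:80 | rastreo-interrapidisimo.co | tcp |
| US | 104.21.67.60:443 | rastreo-interrapidisimo.co | tcp |
| US | 172.67.214.251:80 | rastreo-interrapidisimo.co | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 172.217.169.3:443 | update.googleapis.com | tcp |
| GB | 216.58.204.78:443 | tcp | |
| US | 1.1.1.1:53 | www.herokucdn.com | udp |
| GB | 18.245.218.95:443 | www.herokucdn.com | tcp |
"""

SANDBOX_RESOLVER = "1.1.1.1"
# Assumption: names that show up in every Android/Chrome detonation regardless of the URL.
# Extend this to match your own sandbox's baseline before trusting the output.
BASELINE_DOMAINS = ("google.com", "googleapis.com", "cloudflare.com", "herokucdn.com")
# Cloudflare anycast proxy ranges: an address here belongs to the CDN edge, not to the
# site operator, so it is a poor block indicator on its own.
CLOUDFLARE_NETS = [ipaddress.ip_network(n) for n in ("104.16.0.0/12", "172.64.0.0/13")]


def parse_row(line):
    """Return (country, ip, port, domain, proto) for one table row, or None for header/junk.

    Rows without a domain were emitted as '| CC | ip:port | proto | |', so the protocol is
    whichever non-empty cell comes last after the destination."""
    cells = [c.strip() for c in line.strip().strip("|").split("|")]
    if len(cells) < 3:
        return None
    country, dest = cells[0], cells[1]
    rest = [c for c in cells[2:] if c]
    if len(rest) == 2:
        domain, proto = rest
    elif len(rest) == 1:
        domain, proto = "", rest[0]
    else:
        return None
    ip, _, port = dest.rpartition(":")
    if not port.isdigit():
        return None  # header row or malformed destination
    try:
        ipaddress.ip_address(ip)
    except ValueError:
        return None
    return country, ip, int(port), domain, proto.lower()


def is_baseline(domain):
    return any(domain == s or domain.endswith("." + s) for s in BASELINE_DOMAINS)


def extract_iocs(table_text, submitted_domain):
    """Split a network table into indicators for the submitted domain, baseline noise,
    other named third parties, and connections the report attributes to no name."""
    result = {
        "resolved": set(),          # non-baseline names the sample caused to be looked up
        "destinations": set(),      # (ip, port, proto) contacted for the submitted domain
        "other": set(),             # (domain, ip, port, proto) for other named third parties
        "unattributed": set(),      # (ip, port, proto) with no domain in the report
        "baseline_domains": set(),  # telemetry/CDN names dropped as noise
        "plaintext_http": False,    # submitted domain was contacted on port 80
        "behind_cloudflare": False, # its addresses sit in Cloudflare's proxy ranges
    }
    for line in table_text.splitlines():
        row = parse_row(line)
        if row is None:
            continue
        _, ip, port, domain, proto = row
        addr = ipaddress.ip_address(ip)
        if addr.is_multicast:
            continue  # 224.0.0.251:5353 is mDNS chatter from the emulator
        if ip == SANDBOX_RESOLVER and port == 53:
            # DNS query: record the name that was looked up, not the resolver
            bucket = "baseline_domains" if is_baseline(domain) else "resolved"
            result[bucket].add(domain)
            continue
        if domain == submitted_domain:
            result["destinations"].add((ip, port, proto))
            if port == 80:
                result["plaintext_http"] = True
            if any(addr in net for net in CLOUDFLARE_NETS):
                result["behind_cloudflare"] = True
        elif not domain:
            result["unattributed"].add((ip, port, proto))
        elif is_baseline(domain):
            result["baseline_domains"].add(domain)
        else:
            result["other"].add((domain, ip, port, proto))
    return result


if __name__ == "__main__":
    iocs = extract_iocs(NETWORK_ROWS, "rastreo-interrapidisimo.co")
    for key, value in iocs.items():
        print(f"{key}: {sorted(value) if isinstance(value, set) else value}")
```

Run against the sample, the only destinations attributed to the submitted domain are 104.21.67.60 (ports 80 and 443) and 172.67.214.251 (port 80), both inside Cloudflare's proxy ranges, so the domain, not the addresses, is the indicator worth blocking; the port-80 connections show the first request went out over plaintext HTTP before any redirect to 443. The 216.58.204.78:443 connection lands in the unattributed bucket because the report gives it no name, and it needs a manual look (or a reverse lookup) before it is treated as either noise or an indicator.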
Files
files/dom-0.html
| MD5 | 4d454764bab6ac7bb03f48e3316b789f |
| SHA1 | 8cb6a24f04da70c89786c4dc296b8e501034ff8b |
| SHA256 | 76a49208ca269a9944ea29e774525938fb02a039e1c0412d07527ae17f536d62 |
| SHA512 | a7f2be3558786401bf56979dc56fe95da1d2b1fd70a67d7d1ab3d68f9e8c833427a8dcb0edd86c350185acede578f24f73ba1bd96e8c8c5746dd9d976bdbbc42 |