Analysis Overview
Threat Level: Known bad
The file https://rastreos-interrapidisimo.com/ was found to be: Known bad.
Malicious Activity Summary
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-03 16:00
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-03 16:00
Reported
2024-12-03 16:03
Platform
android-x86-arm-20240624-en
Max time kernel
115s
Max time network
128s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| US | 1.1.1.1:53 | rastreos-interrapidisimo.com | udp |
| US | 172.67.71.104:443 | rastreos-interrapidisimo.com | tcp |
| US | 172.67.71.104:443 | rastreos-interrapidisimo.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.200.35:443 | update.googleapis.com | tcp |
| GB | 216.58.201.110:443 | N/A | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.213.14:443 | android.apis.google.com | tcp |
| GB | 142.250.178.10:443 | N/A | tcp |
Files
files/dom-0.html
| MD5 | 372467ff2bdbe4efba90e5483f2b054e |
| SHA1 | 8ef069233d839342da7e81f7a11be2c6d0172336 |
| SHA256 | 8d816f12f55d65b8a3f38c7123ce6644be4e9d0fbb36bfef1ab8c260dcd5268f |
| SHA512 | e69275ca3f20ade8fc87fffb40d3f2658791b7bcd8d9518cdce71a1981a91d4a388b59c758b154c4415f86ac52e7fd9aa23916cdc30bd749a594399cc1afb61d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-12-03 16:00
Reported
2024-12-03 16:03
Platform
android-x64-20240624-en
Max time kernel
116s
Max time network
131s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | rastreos-interrapidisimo.com | udp |
| GB | 173.194.76.84:443 | accounts.google.com | tcp |
| US | 172.67.71.104:443 | rastreos-interrapidisimo.com | tcp |
| US | 172.67.71.104:443 | rastreos-interrapidisimo.com | tcp |
| US | 1.1.1.1:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 142.250.180.14:443 | N/A | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| GB | 216.58.213.10:443 | N/A | tcp |
| GB | 172.217.16.228:443 | N/A | tcp |
| GB | 172.217.16.228:443 | N/A | tcp |
Files
files/dom-0.html
| MD5 | f28c01319412a90a1ac30be1caa9bfec |
| SHA1 | 3fb15e88c0edcf233b38602008c52cffa18597c7 |
| SHA256 | 8ec1e2f15234c0a351303735321be695713282eaad554162de35c658a1fb483f |
| SHA512 | d8635335b4d0c58459a53ad82f86650ea74d9c3db2a917f1036f0a5e406fb1000cdbaaff8d92c84886337e6d0e0562a943113f02d16b7782d7b58724a895181f |
Analysis: behavioral3
Detonation Overview
Submitted
2024-12-03 16:00
Reported
2024-12-03 16:03
Platform
android-x64-arm64-20240624-en
Max time kernel
124s
Max time network
132s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 142.250.180.14:443 | N/A | tcp |
| GB | 142.250.180.14:443 | N/A | tcp |
| GB | 142.250.180.14:443 | N/A | tcp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | rastreos-interrapidisimo.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | accounts.google.com | udp |
| US | 1.1.1.1:53 | rastreos-interrapidisimo.com | udp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| US | 104.26.12.49:443 | rastreos-interrapidisimo.com | tcp |
| US | 1.1.1.1:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| GB | 216.58.212.195:443 | update.googleapis.com | tcp |
| GB | 142.250.200.36:443 | N/A | tcp |
| GB | 142.250.200.36:443 | N/A | tcp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
Files
files/dom-0.html
| MD5 | 264c160e2486e7a08cf05f74c88972d4 |
| SHA1 | 4b7c0bdaa4b35951dfcc0b62b251c0f0b13b1673 |
| SHA256 | 193281a542919d562d3a74d9ce1b6ed69c58198d65efae373ddc67a845b313df |
| SHA512 | 9040bfa23a5231956257c3eaf1138a84aec38b82c253c20427d8f89c6ed31a13be1d0503a94d3db106b1ef246c355984d256479199a0b5caeb82cdb8ee06ff96 |