File name:

e6a97fa7-0ec8-48dd-9b56-758d1a27ce8d

Full analysis: https://app.any.run/tasks/c379cee3-07bb-4469-9a28-c54166aafd59
Verdict: Malicious activity
Analysis date: May 17, 2025, 00:15:17
OS: Android 14
MIME: text/html
File info: HTML document, Unicode text, UTF-8 text, with very long lines (65199), with no line terminators
MD5:

C36249399102B5C8DE912BA52695A01F

SHA1:

2B7A93E143769CC3F7BC2EF9A2B0C2A08A6433D8

SHA256:

F2FB4A708D05C02ADABFD7C10AE4724678BECFBFF360AE5C583C3C4B36437FDB

SSDEEP:

3072:SKioxxfTYfkhT54XPAZakQ7OYYyj6XYZAaf:S2HYf+T8PIakQ7xj6XYZAaf

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.htm/html | HyperText Markup Language with DOCTYPE (80.6)
.html | HyperText Markup Language (19.3)
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
125
Monitored processes
3
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start app_process64 app_process32 no specs app_process32 no specs

Process information

PID
CMD
Path
Indicators
Parent process
2281org.chromium.webview_shell /system/bin/app_process64
app_process64
User:
root
Integrity Level:
UNKNOWN
Exit code:
0
2305zygote /system/bin/app_process32app_process32
User:
root
Integrity Level:
UNKNOWN
Exit code:
0
2327webview_zygote /system/bin/app_process32app_process32
User:
webview_zygote
Integrity Level:
UNKNOWN
Exit code:
0
Total events
0
Read events
0
Write events
0
Delete events
0

Modification events

No data
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0

Dropped files

No data
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
26
TCP/UDP connections
56
DNS requests
10
Threats
9

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
404
142.250.185.99:80
http://connectivitycheck.gstatic.com/generate_204
unknown
whitelisted
GET
404
142.250.186.132:80
http://www.google.com/gen_204
unknown
whitelisted
GET
404
142.250.185.99:80
http://connectivitycheck.gstatic.com/generate_204
unknown
whitelisted
GET
404
142.250.186.132:80
http://www.google.com/gen_204
unknown
whitelisted
804
app_process64
GET
404
216.239.32.223:80
http://play.googleapis.com/generate_204
unknown
whitelisted
804
app_process64
GET
404
216.239.38.223:80
http://play.googleapis.com/generate_204
unknown
whitelisted
804
app_process64
GET
404
142.250.186.99:80
http://connectivitycheck.gstatic.com/generate_204
unknown
whitelisted
804
app_process64
GET
404
142.250.186.132:80
http://www.google.com/gen_204
unknown
whitelisted
804
app_process64
GET
404
142.250.185.99:80
http://connectivitycheck.gstatic.com/generate_204
unknown
whitelisted
804
app_process64
GET
404
142.250.186.99:80
http://connectivitycheck.gstatic.com/generate_204
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
449
mdnsd
224.0.0.251:5353
unknown
142.250.186.132:443
www.google.com
GOOGLE
US
whitelisted
142.250.185.99:80
connectivitycheck.gstatic.com
GOOGLE
US
whitelisted
142.250.186.132:80
www.google.com
GOOGLE
US
whitelisted
804
app_process64
142.250.185.99:80
connectivitycheck.gstatic.com
GOOGLE
US
whitelisted
804
app_process64
142.250.186.132:443
www.google.com
GOOGLE
US
whitelisted
804
app_process64
216.239.38.223:80
play.googleapis.com
GOOGLE
US
whitelisted
804
app_process64
142.250.186.99:80
connectivitycheck.gstatic.com
GOOGLE
US
whitelisted
804
app_process64
142.250.186.132:80
www.google.com
GOOGLE
US
whitelisted
804
app_process64
216.239.32.223:80
play.googleapis.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
connectivitycheck.gstatic.com
  • 142.250.185.99
  • 142.250.186.99
whitelisted
www.google.com
  • 142.250.186.132
  • 142.250.186.68
  • 142.250.184.228
whitelisted
google.com
  • 216.58.206.46
whitelisted
play.googleapis.com
  • 216.239.34.223
  • 216.239.38.223
  • 216.239.32.223
  • 216.239.36.223
whitelisted
time.android.com
  • 216.239.35.4
  • 216.239.35.0
  • 216.239.35.12
  • 216.239.35.8
whitelisted
pornhub.com
  • 66.254.114.41
whitelisted

Threats

PID
Process
Class
Message
Misc activity
ET INFO Android Device Connectivity Check
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
804
app_process64
Misc activity
ET INFO Android Device Connectivity Check
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
e6a97fa7-0ec8-48dd-9b56-758d1a27ce8d