Overview

overview

7

Static

static

7

111cfd455f...42.apk

android_x86

6

111cfd455f...42.apk

android_x64

6

111cfd455f...42.apk

android_x64

5

Analysis

  • max time kernel
    3060711s
  • max time network
    117s
  • platform
    android_x86
  • resource
    android-x86-arm-20220621-en
  • submitted
    30-06-2022 17:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    111cfd455f836794e40c6b088ab8e73f8e673a79c18e559adcffa89630a51042.apk

  • Size

    9.6MB

  • MD5

    7d56ecfd936eb03a020c9fc5c4ada352

  • SHA1

    93fc21384378cb86a4641eddc82e25abeb6360bb

  • SHA256

    111cfd455f836794e40c6b088ab8e73f8e673a79c18e559adcffa89630a51042

  • SHA512

    e3bd22cf3a0d5f4645a7e8791ed78b13cb9fa7f6e4d1d4d291b8653da875462104958f2929fdf8b5305b695a455017eb563acd4a291d13368e8183471b79ba4e

Score
6/10
evasionransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Removes a system notification. 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.red.rainbow
    1⤵
    • Removes a system notification.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4297
  • com.red.rainbow:remote
    1⤵
      PID:4765

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/com.red.rainbow/databases/contacts.db
      Filesize

      20KB

      MD5

      e62054dd777ae467c576b5cdaf7be048

      SHA1

      b8d541a9417e91eeeb054b09e4a37f6269bca007

      SHA256

      9502b2678b2ddb946cc305a66ad03f1411fc1a704c2d43fdb64f23d7f8683c58

      SHA512

      d4341ba4dc2fcf13311d4025938dc09aeedf539663e450deb24f01650cb55e8422f59fa537bd0ccd34a7a771f0ea45cdafe42634d741cf737af1e833ee7521f3

      Download Submit

    • /data/user/0/com.red.rainbow/databases/contacts.db-journal
      Filesize

      524B

      MD5

      8bdc3961e9ba78b27e65073c0259f6b9

      SHA1

      a174e2f1cc2a699f7272120907156186af4c246a

      SHA256

      2e30456b96d7f58ed21b38ab94ad2cf5493366e371d038e2ff5d25e48c49d74f

      SHA512

      7d8ee5d224557373658ede25ea185747f9f8c36cd7ece0dc05cee53fbcbaf9b414f29ac785820121af0a278895ee79d31d68c7014f7ad3be1681d41b3ff5cd51

      Download Submit

    • /data/user/0/com.red.rainbow/databases/contacts.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit

    • /data/user/0/com.red.rainbow/databases/contacts.db-wal
      Filesize

      28KB

      MD5

      3b7deb0908efc4a7721eddb1cf1ff9e8

      SHA1

      817ba89e580e30e743f017e4769effa9c57d1591

      SHA256

      437122a5c4b2908048601e4e21be22c67d85fdda8947836d71322f68e66fa800

      SHA512

      8498d7add8e537f15cb2406151e3adcdb7c838a9148906e6d18d041a656ba56f4dd330a3352abdf20feee447558d14e24466d7a135646efe13fa84fdd09b3154

      Download Submit