Analysis

  • max time kernel: 3060834s
  • max time network: 176s
  • platform: android_x64
  • resource: android-x64-20220621-en
  • submitted: 30-06-2022 17:23

General

  • Target: 111cfd455f836794e40c6b088ab8e73f8e673a79c18e559adcffa89630a51042.apk
  • Size: 9.6MB
  • MD5: 7d56ecfd936eb03a020c9fc5c4ada352
  • SHA1: 93fc21384378cb86a4641eddc82e25abeb6360bb
  • SHA256: 111cfd455f836794e40c6b088ab8e73f8e673a79c18e559adcffa89630a51042
  • SHA512: e3bd22cf3a0d5f4645a7e8791ed78b13cb9fa7f6e4d1d4d291b8653da875462104958f2929fdf8b5305b695a455017eb563acd4a291d13368e8183471b79ba4e

Score: 6/10

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

Processes

  • com.red.rainbow (PID: 5734)
    • Uses Crypto APIs (Might try to encrypt user data).
  • com.red.rainbow:remote (PID: 6199)

Downloads

  • /data/user/0/com.red.rainbow/databases/contacts.db
    • Filesize: 64KB
    • MD5: b3e2a1548afd18c9bfeee956c0037267
    • SHA1: 6686a596cfb434678a38cd287a447f38a5360c39
    • SHA256: 9630f368c51f3455dd00fe582541c43234a47942560c5f650c88e62ecf725a51
    • SHA512: cafd5cc4f73fcb3aed504958c4e0cbf65d678028db8c02ef3303e64c07b99006ed7eb315b4afe9cc741eb7c43d3650d0565a8c505c0bfa9ed246b9f7b5e64a64

  • /data/user/0/com.red.rainbow/databases/contacts.db-journal
    • Filesize: 1KB
    • MD5: f1182afcbbd69d4c232c163d8eb50a82
    • SHA1: bf6988f443c743dc08beb5d58a22f4349c384c1e
    • SHA256: ccf616ebf5054bef2cd7a541230a670fe1402928879f06f247987c05af18f595
    • SHA512: 57b599e9c76e80127ed74b8c12ce6903fb856b9ce46b69018e67271597cc1bff77cb6422be2580ba2c3196258f773d11fe473f249306b17d7cc499a2cd90842c