Analysis

  • max time kernel
    44s
  • max time network
    51s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    31/10/2024, 15:39

Errors

Reason
exit status 1: "{\"level\":\"error\",\"stdout\":\"\",\"stderr\":\"WARNING | userdata partition is resized from 6 M to 16384 M\\nERROR | resizing partition e2fsck failed with exit code 8\\nERROR | Unable to connect to adb daemon on port: 5037\\nWARNING | cannot add library /opt/android-sdk-linux/emulator/qemu/linux-x86_64/lib64/vulkan/libvulkan.so: failed\\nWARNING | Requested adb port (28028) is outside the recommended range [5555,5586]. ADB may not function properly for the emulator. See -help-port for details.\\n\",\"error\":\"signal: segmentation fault\",\"time\":\"2024-10-31T15:40:23Z\",\"message\":\"Emulator process unexpectedly exited\"}"

General

  • Target

    CLIENT.apk

  • Size

    3.4MB

  • MD5

    e05f642a954e5fa5d06c56cf04c00b2d

  • SHA1

    19d28d4f2677d6311ccc90c74806383931f2c0bc

  • SHA256

    2bbe9cd94760ffe4f2ac5058343c25d7e9a24c5c678a1d3493999de2a5ea18dc

  • SHA512

    e0f516e534619b727d4cf1508c5f7408e18f2ffe5a432c2393d7add17927bead273ad38fa08e8a53f996c8b2ee69500ff3f1cbe2daf96a417c0e3e4b037587ff

  • SSDEEP

    49152:Yad2okaqMvh9/rY68za8sdWuDLA2LQm1cOdc/bpjgmVY2yocPKl65So:Rd2oPvHc/S+m11dc/b7Pcc655

Malware Config

Signatures

Processes

  • cybershieldx.rainbow
    • Obtains sensitive information copied to the device clipboard
    • Requests enabling of the accessibility settings.
    • Checks CPU information
    • Checks memory information
    PID:4307

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/cybershieldx.rainbow/files/profileInstalled

          Filesize

          24B

          MD5

          913b846c56f868ac3a5669530ae35df0

          SHA1

          2454e0c278a3ddb777d4ad6fbeab57de99945064

          SHA256

          d06f5ec259ac8c291096ce50ef2b9db1d1c26e82759cfe6825ef340c8a3b02c2

          SHA512

          06911f6f0aa877f8a6271be54b7ca7f307f8434cd5a83591f6a8fcaed8b2823bbba5f3b5d94378a70006fb1bdda24b9dbe00e6ff1650096fa02d11b0f7ea0dd6

        • /data/data/cybershieldx.rainbow/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

          Filesize

          8B

          MD5

          0ca08c6375d9e4dffaf644d6bc2ddc94

          SHA1

          0b2e8a345a85db370809ae7dd90199f66fc0ecf0

          SHA256

          35dd951abacea82409f3971b0cfd6194d5b1b8ed5affa363aa1916fe435631e1

          SHA512

          a86a454dd9249e010a34c1e64d308630d903abd92f3cccd7ba5d4c39bfd0d519319ab4788c7b19f904d74dec7396467af2827e03ffe96a71293f53fc826c5251

        • /data/misc/profiles/cur/0/cybershieldx.rainbow/primary.prof

          Filesize

          3KB

          MD5

          10f66da999d8e7ad9dd369a680e789f6

          SHA1

          da5c0229a460ff7bc102d80162cb3ff63a4bb11c

          SHA256

          49058d3a71265a31f0a7de57525a42d11ef506a481caedc139233c59641c0e07

          SHA512

          abed2c8895ec1f139149049ceeca039dc0e47295bafb46dd1abef94c35324a695a99870a613470c584c5dcba6e1ab81690308721e09709f3d9b10ce24be84174