Analysis

  • max time kernel: 141s
  • max time network: 149s
  • platform: android_x64
  • resource: android-33-x64-arm64-20240624-en
  • resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted: 31/10/2024, 16:12

General

  • Target: CLIENT.apk
  • Size: 3.3MB
  • MD5: 3588caab0633dd648a82109c86410538
  • SHA1: a0758babc32b9dfdc35a697f83de91d74d593b59
  • SHA256: b806dd0d06269205e5c7718f3f0e67e65d271806450581a4b2ce09bb1b38df89
  • SHA512: dea6de34fb9e56b4ac7ad21cff8702d1ff90a2a4d8781cfd937019af85b14dc59edd7369efdb5e2067a04e71701a742a6ee93b6412e7e82c6aacf692163a2bc2
  • SSDEEP: 49152:yNSm/PBSjjl4TXvEOPoR4Pmd24kaqMvh9skkV68zD8sdLQJIk7TNm1BdYn:yNhJSjjl4z/ed24PvHMV/KJPm1Bd0

Malware Config

Signatures

Processes

  • cybershieldx.rainbow
    • Obtains sensitive information copied to the device clipboard
    • Checks CPU information
    • Checks memory information
    PID:4318

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/cybershieldx.rainbow/files/profileInstalled
          Filesize: 24B
          MD5: 40f0878dcd2435da62134473ff77677a
          SHA1: f8fdb9fc6992b5b8daae4ce9404307b19b8e2b42
          SHA256: 1fdd5924781c04a28cce338a138ab956c068d53d2f2cd6143ff37db55e9734d7
          SHA512: e283428eaa7c258418ac18c840bb7edd8302d3c3de2164d82a41a3ad3d7160d174fdf22718dfb0f21046541d95416d48e5e9fa90dd47ba3b4637bdacacd92a11

        • /data/data/cybershieldx.rainbow/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
          Filesize: 8B
          MD5: eb0211d0d3660b1385878e32e050091a
          SHA1: b709a4229a06d6758bf052f86cd1ef46138ebb56
          SHA256: 1ce8503edbf8f6bbff2896d9cb0aada94b667742f0c19fb8f3b69c66d44f7ba9
          SHA512: 1ab4ac98efda2f7b9b6d19d85f1a581f9d85f8472cde6160861d6ec3020812f73715d72abf6f7b46311f4cae6c69cc9f3b0150963480afd1b37d1a7bbcabd260

        • /data/misc/profiles/cur/0/cybershieldx.rainbow/primary.prof
          Filesize: 3KB
          MD5: 10f66da999d8e7ad9dd369a680e789f6
          SHA1: da5c0229a460ff7bc102d80162cb3ff63a4bb11c
          SHA256: 49058d3a71265a31f0a7de57525a42d11ef506a481caedc139233c59641c0e07
          SHA512: abed2c8895ec1f139149049ceeca039dc0e47295bafb46dd1abef94c35324a695a99870a613470c584c5dcba6e1ab81690308721e09709f3d9b10ce24be84174

        • /data/misc/profiles/cur/0/cybershieldx.rainbow/primary.prof
          Filesize: 5KB
          MD5: 51eded6a024a4ed4bc2819683ad18a70
          SHA1: f8f77d4126f98c0932915655b3e7c33bda94548a
          SHA256: 3a7c3b3d4506b2cf273e2e0415525d2fcceff8e037245e8a7703885c54d21104
          SHA512: 45ebdb13f4b9c7c09ea18df76c3a11729a5ddc383155a513b1d50b620530774499143116866a7aaab468a8b188d69e665782754fdc852f8f862c296e41897e47