Analysis
max time kernel: 141s
max time network: 149s
platform: android_x64
resource: android-33-x64-arm64-20240624-en
resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
submitted: 31/10/2024, 16:12
Static task: static1
Behavioral task: behavioral1
Sample: CLIENT.apk
Resource: android-33-x64-arm64-20240624-en
General
Target: CLIENT.apk
Size: 3.3MB
MD5: 3588caab0633dd648a82109c86410538
SHA1: a0758babc32b9dfdc35a697f83de91d74d593b59
SHA256: b806dd0d06269205e5c7718f3f0e67e65d271806450581a4b2ce09bb1b38df89
SHA512: dea6de34fb9e56b4ac7ad21cff8702d1ff90a2a4d8781cfd937019af85b14dc59edd7369efdb5e2067a04e71701a742a6ee93b6412e7e82c6aacf692163a2bc2
SSDEEP: 49152:yNSm/PBSjjl4TXvEOPoR4Pmd24kaqMvh9skkV68zD8sdLQJIk7TNm1BdYn:yNhJSjjl4z/ed24PvHMV/KJPm1Bd0
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
Process: cybershieldx.rainbow

Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read
ioc: /proc/cpuinfo
Process: cybershieldx.rainbow

Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read
ioc: /proc/meminfo
Process: cybershieldx.rainbow
Processes
Network
MITRE ATT&CK Mobile v15
Downloads