General

  • Target

    CLIENT.apk

  • Size

    3.3MB

  • MD5

    3588caab0633dd648a82109c86410538

  • SHA1

    a0758babc32b9dfdc35a697f83de91d74d593b59

  • SHA256

    b806dd0d06269205e5c7718f3f0e67e65d271806450581a4b2ce09bb1b38df89

  • SHA512

    dea6de34fb9e56b4ac7ad21cff8702d1ff90a2a4d8781cfd937019af85b14dc59edd7369efdb5e2067a04e71701a742a6ee93b6412e7e82c6aacf692163a2bc2

  • SSDEEP

    49152:yNSm/PBSjjl4TXvEOPoR4Pmd24kaqMvh9skkV68zD8sdLQJIk7TNm1BdYn:yNhJSjjl4z/ed24PvHMV/KJPm1Bd0

Score
6/10

Malware Config

Signatures

  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (13 IoCs)

Files

  • CLIENT.apk
    .apk android

    cybershieldx.rainbow

    cybershieldx.rainbow.RainbowMainActivity


Android Permissions

CLIENT.apk

Permissions

android.permission.INTERNET

android.permission.READ_CONTACTS

android.permission.READ_EXTERNAL_STORAGE

android.permission.VIBRATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_SMS

android.permission.READ_CALL_LOG

android.permission.QUERY_ALL_PACKAGES

android.permission.CAMERA

android.permission.SEND_SMS

android.permission.RECORD_AUDIO

android.permission.READ_PHONE_STATE

android.permission.POST_NOTIFICATIONS

android.permission.READ_MEDIA_IMAGES

android.permission.READ_MEDIA_VIDEO

android.permission.READ_MEDIA_AUDIO

cybershieldx.rainbow.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION