3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e[.]apk[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e.apk.zip
Size

40.9MB
MD5

7c9f256436b489947c4bd3eb0315ea71
SHA1

ee3cca441d105d202b1b962fd4c21e80e6139b42
SHA256

c8e3a9082b31403c368859c97768e10f3779131827caf47ed80992e677bb22ca
SHA512

adfc4d5802867f2ad5558223e25b5f40c70a5d8fa55a416d83335ed9cd13c5822cea23e9aae9286d5b77fb396d7b6b3e7d9d82440154b845424be787adbdd7fc
SSDEEP

786432:yIEloK6NX9CcokzWJRxj365tenxOsJ5QyE6dg79RikhBpIzdD53xBj:HElMNXAclujK7qiegx0oBcR5n

Score

1^/10

Malware Config

Signatures

Files

3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e.apk.zip
.zip

Password: infected
3c7d732f60c57dab84803cee24908bb08d317c636e377c581597391d28350c3e.apk
.apk android arch:arm64 arch:arm arch:mips arch:x86 arch:x64

com.nordvpn.android

com.nordvpn.android.rating.RatingActivity

Activities

com.nordvpn.android.WelcomeActivity

android.intent.action.VIEW

com.nordvpn.android.purchaseUI.StartSubscriptionActivity

android.intent.action.VIEW

com.nordvpn.android.purchaseUI.freeTrial.SuggestFreeTrialActivity

android.intent.action.VIEW

com.nordvpn.android.purchaseUI.stripe.FinishPaymentActivity

android.intent.action.VIEW

com.nordvpn.android.inAppMessages.listUI.AppMessagesListActivity

android.intent.action.VIEW

com.nordvpn.android.deepLinks.DeepLinkDisconnectActivity

android.intent.action.VIEW

com.nordvpn.android.deepLinks.DeepLinkConnectActivity

android.intent.action.VIEW

com.nordvpn.android.deepLinks.DeepLinkLogActivity

android.intent.action.VIEW

com.nordvpn.android.deepLinks.DeepLinkSnoozeActivity

android.intent.action.VIEW

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.vending.BILLING
com.android.vending.CHECK_LICENSE
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
com.google.android.c2dm.permission.RECEIVE
com.nordvpn.android.permission.C2D_MESSAGE
android.permission.WAKE_LOCK
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.nordvpn.android.broadcastReceivers.InstallReferrerReceiver

com.android.vending.INSTALL_REFERRER

com.nordvpn.android.broadcastReceivers.OnBootReceiver

android.intent.action.BOOT_COMPLETED

com.google.android.gms.analytics.AnalyticsReceiver

com.google.android.gms.analytics.ANALYTICS_DISPATCH

com.nordvpn.android.broadcastReceivers.PackageReplacedReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.amazon.device.iap.ResponseReceiver

com.amazon.inapp.purchasing.NOTIFY

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

android.intent.action.BATTERY_OKAY
android.intent.action.BATTERY_LOW

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

android.intent.action.DEVICE_STORAGE_LOW
android.intent.action.DEVICE_STORAGE_OK

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

android.net.conn.CONNECTIVITY_CHANGE

androidx.work.impl.background.systemalarm.RescheduleReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.TIME_SET
android.intent.action.TIMEZONE_CHANGED

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

androidx.work.impl.background.systemalarm.UpdateProxies

Services

com.nordvpn.android.vpnService.NordVPNService

android.net.VpnService

com.nordvpn.android.notificationCenter.fcm.MessagingService

com.google.firebase.MESSAGING_EVENT

com.nordvpn.android.quicksettings.QuickSettingsService

android.service.quicksettings.action.QS_TILE

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

androidx.work.impl.background.gcm.WorkManagerGcmService

com.google.android.gms.gcm.ACTION_TASK_READY
MQTTServerCertificate.crt
ds-amex.pem
ds-discover.cer
ds-mastercard.crt
ds-test-ec.txt
ds-test-rsa.txt
ds-visa.crt
help_center_article_style.css
logback.xml
map_md_mq.png
.png
nordlynxTemplate.xslt
ovpnTemplate.xslt
pie_openvpn.arm64-v8a
.elf linux aarch64
pie_openvpn.armeabi-v7a
.elf linux arm
pie_openvpn.x86
.elf linux x86
pie_openvpn.x86_64
.elf linux x64
pre_loading_lottie_animation.json
root.pem
server.json
signature.pem
xorTemplate.xslt

Sharing

General

Malware Config

Signatures

Files

Password: infected

com.nordvpn.android

com.nordvpn.android.rating.RatingActivity

Activities

com.nordvpn.android.WelcomeActivity

com.nordvpn.android.purchaseUI.StartSubscriptionActivity

com.nordvpn.android.purchaseUI.freeTrial.SuggestFreeTrialActivity

com.nordvpn.android.purchaseUI.stripe.FinishPaymentActivity

com.nordvpn.android.inAppMessages.listUI.AppMessagesListActivity

com.nordvpn.android.deepLinks.DeepLinkDisconnectActivity

com.nordvpn.android.deepLinks.DeepLinkConnectActivity

com.nordvpn.android.deepLinks.DeepLinkLogActivity

com.nordvpn.android.deepLinks.DeepLinkSnoozeActivity

Permissions

Receivers

com.appsflyer.MultipleInstallBroadcastReceiver

com.nordvpn.android.broadcastReceivers.InstallReferrerReceiver

com.nordvpn.android.broadcastReceivers.OnBootReceiver

com.google.android.gms.analytics.AnalyticsReceiver

com.nordvpn.android.broadcastReceivers.PackageReplacedReceiver

com.amazon.device.iap.ResponseReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy

androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy

androidx.work.impl.background.systemalarm.RescheduleReceiver

androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver

Services

com.nordvpn.android.vpnService.NordVPNService

com.nordvpn.android.notificationCenter.fcm.MessagingService

com.nordvpn.android.quicksettings.QuickSettingsService

com.google.firebase.messaging.FirebaseMessagingService

androidx.work.impl.background.gcm.WorkManagerGcmService