Overview

overview

8

Static

static

6

f94c1877aa...18.apk

android-9-x86

8

f94c1877aa...18.apk

android-11-x64

7

com.nd.hil...54.apk

android-9-x86

1

com.nd.hil...54.apk

android-10-x64

1

com.nd.hil...54.apk

android-11-x64

1

nd.apk

android-9-x86

nd.apk

android-10-x64

nd.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f94c1877aaf6bba250543a2d578a6ef8_JaffaCakes118

  • Size

    15.3MB

  • Sample

    240419-cvx8yseb53

  • MD5

    f94c1877aaf6bba250543a2d578a6ef8

  • SHA1

    7d1586eb1e9b81bb835aa507804934400b6fa959

  • SHA256

    43fa4b8fa647f383fb911560dcf6a483d4a84a96035ccec82076849578fc24fe

  • SHA512

    858d31946d4f4d6bca87e1e2400758e1af70f0b644d214e657426a57a60830e1e4d7c649ca2f46b2481983e7cd7e9be01db8af7fcd1f8e1cd656992cd95862c6

  • SSDEEP

    393216:usZoR/8ZCnIww/23cPHLzpI861t3egBQt:ugoRNnI723cPHLz/6vugBQt

Score
8/10
androidcollectiondiscoveryevasion

Malware Config

Targets

    • Target

      f94c1877aaf6bba250543a2d578a6ef8_JaffaCakes118

    • Size

      15.3MB

    • MD5

      f94c1877aaf6bba250543a2d578a6ef8

    • SHA1

      7d1586eb1e9b81bb835aa507804934400b6fa959

    • SHA256

      43fa4b8fa647f383fb911560dcf6a483d4a84a96035ccec82076849578fc24fe

    • SHA512

      858d31946d4f4d6bca87e1e2400758e1af70f0b644d214e657426a57a60830e1e4d7c649ca2f46b2481983e7cd7e9be01db8af7fcd1f8e1cd656992cd95862c6

    • SSDEEP

      393216:usZoR/8ZCnIww/23cPHLzpI861t3egBQt:ugoRNnI723cPHLz/6vugBQt

    Score
    8/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      com.nd.hilauncherdev.plugin.navigation_V_62_M_b709b42a41ee748f20408d414ff50554.jar

    • Size

      2.0MB

    • MD5

      1fc785aca2ce2f7354ae4b00ebef6c0a

    • SHA1

      c706a6f841d3c07af16dbb9b45e3f5824c8dcd29

    • SHA256

      e77d8fe6af921cffe955ca00e881b73717a9d579d91b285a2a56c01e3bddd47f

    • SHA512

      4cb2f1e9d3b86830b06e394ac7081de1ceefbbf8079030666bb999150386f3b559147768b75605246353e7b320a326fda0597d38e1d3e1c598325213c4f3fbb0

    • SSDEEP

      24576:Oz9XIGI54/0kpruNMQJkl/iIDQAW0e2YPDj1zvARhDl4b/ClSsUT0kgLk51k+42w:eXw4/JprnQJ0Kl8YPDKRhib2I0Ec+4l

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      nd.jar

    • Size

      3KB

    • MD5

      330e5a7a65f3d6593b4e3693cb6b581a

    • SHA1

      97ed25af93827667740ddc0f5f20efaa0db79f2f

    • SHA256

      effd679a8cfef061b537814b41f2733a9785d80d1d11f8c61216a78b35c747ca

    • SHA512

      3b2234d683cfbfde304d23150678595076eff41c691269dfc0d1d035b784113879e84d19ec732b257ea2146b4170edda2d8ece79449c2a33d948d0ae4e777328

    Score
    1/10
    behavioral6behavioral7behavioral8

MITRE ATT&CK Matrix

Tasks