Overview
General
Target: 7334a596810fed970cf990a74cfaffba_JaffaCakes118
Size: 11.8MB
Sample: 240525-zmywvaad93
MD5: 7334a596810fed970cf990a74cfaffba
SHA1: 47258eaff968c66268c02d5bd85e0fa06cbadc6c
SHA256: 67e62234a3eb07a02fa8b48fc8b98d3173860d73cd0be4e2a35f26bed650f865
SHA512: 83c2d1d7c49aff558f8d9264e2e421b303dc0261e2444f18534aaaf76ef95ce2ca0aec867ca2fa04f83f696e26c7e479b08325394e0f9d4af094a5a2541382bd
SSDEEP: 196608:f9Sw+nVfQbWcGaAttoWqEjuGo/WyVrNgZRWqJHAB1uNX0/5e0cQtxQo:f9KR0BGr37Sx2ZRhHm0yxFcQbR

Static task: static1
Behavioral task: behavioral1 | Sample: 7334a596810fed970cf990a74cfaffba_JaffaCakes118.apk | Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2 | Sample: 7334a596810fed970cf990a74cfaffba_JaffaCakes118.apk | Resource: android-x64-20240514-en
Behavioral task: behavioral3 | Sample: 7334a596810fed970cf990a74cfaffba_JaffaCakes118.apk | Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral4 | Sample: dx.apk | Resource: android-x86-arm-20240514-en
Behavioral task: behavioral5 | Sample: dx.apk | Resource: android-x64-20240514-en
Behavioral task: behavioral6 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x86-arm-20240514-en
Behavioral task: behavioral7 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x64-20240514-en
Behavioral task: behavioral8 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral9 | Sample: com.nd.hilauncherdev.plugin.browser_V_3_M_11ca6e5243bb6ed7fad7b01082506412.apk | Resource: android-x86-arm-20240514-en
Behavioral task: behavioral10 | Sample: com.nd.hilauncherdev.plugin.browser_V_3_M_11ca6e5243bb6ed7fad7b01082506412.apk | Resource: android-x64-20240514-en
Behavioral task: behavioral11 | Sample: com.nd.hilauncherdev.plugin.browser_V_3_M_11ca6e5243bb6ed7fad7b01082506412.apk | Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral12 | Sample: nd.apk | Resource: android-x86-arm-20240514-en
Behavioral task: behavioral13 | Sample: nd.apk | Resource: android-x64-20240514-en
Behavioral task: behavioral14 | Sample: nd.apk | Resource: android-x64-arm64-20240514-en

Malware Config
Targets
Target: 7334a596810fed970cf990a74cfaffba_JaffaCakes118
Score: 7/10
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Requests dangerous framework permissions

Target: dx.mp3
Size: 7.2MB
MD5: 0f950dfda38eefaeb6de94e093ad9d7f
SHA1: b19d618f2b33358581e494f4df947b872c0ea210
SHA256: b2becd583a525a93c4944ec984fdd1528eaf7c36632ac5bc3bb8c7791d40f586
SHA512: d2b632e688c9de2e3efb4f50fe86fc73924dbefc8d4b9d90729a4ac8ddf6ca2bac69c7ff86db77cdb3ec255d6be657603fd388a92aebbd9df00ef31fae1e192d
SSDEEP: 98304:X9ZrEUl9ceYTVmkQb+FAEI7iTkpF/d4paAh7aAttoc7UlrJ2jNjbQT+VJoqHCONW:X9Sw+nVfQbWcGaAttoWqEjuGo/WyVr5
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- Queries the mobile country code (MCC)
- Reads the content of the call log.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Queries the unique device ID (IMEI, MEID, IMSI)
- Reads information about phone network operator.
- Changes the wallpaper (common with ransomware activity)

Target: com.nd.android.widget.pandahome.flashlight
Size: 420KB
MD5: d7ed82aa742154281da5c6c64baa72be
SHA1: 833fa9169f66a4fac0a844902d8305da875f316e
SHA256: 5f54363be719d281f9d64d68af9e7093aba66b0781d99025e331a2375636e271
SHA512: 222b0664cdf950a8e6d189a822ed379c29f56e2d3e36d35a35b4afc07a800a225df23a8bd1de43455a94eedaf3e8a28773ea5da13009279191d27bca3106594b
SSDEEP: 6144:KvuvJ1RJBq3MA4DQ1siZAGml4T+fLJ7W1VXS4e8iay+8/faWdhDlE/8MskMZjv7c:KWx1Rm4DQ1cGlTWtINe8C+s3zPXwdp
Score: 1/10

Target: com.nd.hilauncherdev.plugin.browser_V_3_M_11ca6e5243bb6ed7fad7b01082506412.jar
Size: 327KB
MD5: 8dd5d40f0cafe4c4bccb2749693d0237
SHA1: 505fb609c9c5bf906804418ea2e1a3561f19e893
SHA256: 42747bb18c44e480c583b030022b0ede18081f4458adff2438e23a62a4faea9a
SHA512: 42fd9da7fc0c283758b4af47bedc3dd553bb6e2de34364f19c9c043179c7e36720931292bb1b55091c99d256a7e48b0f753d78f4eacc52e360ba376b6dc3deb3
SSDEEP: 6144:ziogCBYgQMMknvo7pv8W8cCILTQtWIGQjmW//d+m:zpgCBY1pwo7pkz6QtUPm
Score: 7/10
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Queries the unique device ID (IMEI, MEID, IMSI)

Target: nd.jar
Size: 3KB
MD5: 330e5a7a65f3d6593b4e3693cb6b581a
SHA1: 97ed25af93827667740ddc0f5f20efaa0db79f2f
SHA256: effd679a8cfef061b537814b41f2733a9785d80d1d11f8c61216a78b35c747ca
SHA512: 3b2234d683cfbfde304d23150678595076eff41c691269dfc0d1d035b784113879e84d19ec732b257ea2146b4170edda2d8ece79449c2a33d948d0ae4e777328
Score: 1/10

MITRE ATT&CK Mobile v15
Defense Evasion
  Execution Guardrails: 1
  Geofencing: 1
  Virtualization/Sandbox Evasion: 1
  System Checks: 1
Discovery
  Location Tracking: 1
  Process Discovery: 1
  System Information Discovery: 2
  System Network Configuration Discovery: 3
  System Network Connections Discovery: 2