Analysis
- max time kernel: 138s
- max time network: 158s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 18-06-2024 06:29
Static task: static1
Behavioral task: behavioral1, Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2, Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral3, Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk, Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral4, Sample: PandaHome2.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral5, Sample: PandaHome2.apk, Resource: android-33-x64-arm64-20240611.1-en
Behavioral task: behavioral6, Sample: com.nd.android.widget.pandahome.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral7, Sample: com.nd.android.widget.pandahome.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral8, Sample: com.nd.android.widget.pandahome.apk, Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral9, Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral10, Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral11, Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk, Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral12, Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral13, Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral14, Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk, Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral15, Sample: nd.apk, Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral16, Sample: nd.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral17, Sample: nd.apk, Resource: android-x64-arm64-20240611.1-en
General
- Target: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk
- Size: 281KB
- MD5: 1198af2fca7af37f6a481b8cba4043fa
- SHA1: 34bbc90b1319265938205d33609f017e6e7fbdef
- SHA256: a6546124de6beed3c6f4cd46a9a264ebb238330e04720b6b8095f28cabd2ce51
- SHA512: 071f47e2fa18b68d378833391c270d19dfff4a4db701f5fe54b529a13930ffdebdd20877aea400d90ddf0f5c4553edf96a28b7ff7916c91418cc9b4fc4bf70af
- SSDEEP: 6144:PxPpDK+ocpiFWf/PsSYIxbmyKTCwlqH1ujNS:pRVocpgaYMbvwdyb
Malware Config
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: com.nd.hilauncherdev.plugin.browser
    description: Framework service call
    ioc: android.content.IClipboard.addPrimaryClipChangedListener
    process: com.nd.hilauncherdev.plugin.browser
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.nd.hilauncherdev.plugin.browser
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: com.nd.hilauncherdev.plugin.browser
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.browser
    description: Framework service call
    ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
    process: com.nd.hilauncherdev.plugin.browser
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.browser
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.nd.hilauncherdev.plugin.browser
- Checks memory information (2 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.browser
    description: File opened for read
    ioc: /proc/meminfo
    process: com.nd.hilauncherdev.plugin.browser
Processes
- com.nd.hilauncherdev.plugin.browser (PID: 5079)
  - Obtains sensitive information copied to the device clipboard
  - Queries information about the current Wi-Fi connection
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 397B
  MD5: fe37b27eb6d4e39bfd1a8aa2585dd0b4
  SHA1: 67bd43d83d64e0dcc79e72a62bae61af99a6f277
  SHA256: 363e018f9500125807101f52da8ca97120f47bb040dd8c77dfe94228c088a8e7
  SHA512: 7f2b089fff400b32d0f72026b8a47aac2acd625b9aabc688037b5b3f8e1cff557688a7f63747a2a6914dbb08f97f10cfe7cfa54d3970283c51446738545f0adc