Analysis
- max time kernel: 139s
- max time network: 195s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 18-06-2024 06:29
Static task: static1
- Behavioral task: behavioral1 | Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral2 | Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk | Resource: android-x64-20240611.1-en
- Behavioral task: behavioral3 | Sample: bb1ab6ce6f0e4e56baafe4f311b89511_JaffaCakes118.apk | Resource: android-x64-arm64-20240611.1-en
- Behavioral task: behavioral4 | Sample: PandaHome2.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral5 | Sample: PandaHome2.apk | Resource: android-33-x64-arm64-20240611.1-en
- Behavioral task: behavioral6 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral7 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x64-20240611.1-en
- Behavioral task: behavioral8 | Sample: com.nd.android.widget.pandahome.apk | Resource: android-x64-arm64-20240611.1-en
- Behavioral task: behavioral9 | Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral10 | Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk | Resource: android-x64-20240611.1-en
- Behavioral task: behavioral11 | Sample: com.nd.hilauncherdev.plugin.browser_V_4_M_f098eb78edf38f1234dbc177c54037ac.apk | Resource: android-x64-arm64-20240611.1-en
- Behavioral task: behavioral12 | Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral13 | Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk | Resource: android-x64-20240611.1-en
- Behavioral task: behavioral14 | Sample: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk | Resource: android-x64-arm64-20240611.1-en
- Behavioral task: behavioral15 | Sample: nd.apk | Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral16 | Sample: nd.apk | Resource: android-x64-20240611.1-en
- Behavioral task: behavioral17 | Sample: nd.apk | Resource: android-x64-arm64-20240611.1-en
General
- Target: com.nd.hilauncherdev.plugin.navigation_V_15_M_f9116e80f80655ce754d9e54d0da57ca.apk
- Size: 771KB
- MD5: a435c9750bcfc45844495839fe48788d
- SHA1: 1cd299bb6c3de10d88024337bad42a9384ade401
- SHA256: 48a86092acb220b35bf26a8bce521243470130fc27ed04e8a2441e8f78872545
- SHA512: 1b18fe3f946d90e1fd03c965d31b210454338ea0fa1d181cceaef027e08837c9be26e897f5ad15aad587e00a4b9b31675388691ef5c806f24898c781b7959f7d
- SSDEEP: 12288:Cu2F5fdMgUnub0ls4b5Y1z6AzpXPtVoMWVh0TgdFyTuIAwLa61uz4KAA+aAU:dejM5a0ls4EdT7WVRwyIvm611VPU
Malware Config
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | process: com.nd.hilauncherdev.plugin.navigation
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.nd.hilauncherdev.plugin.navigation
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.nd.hilauncherdev.plugin.navigation
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | process: com.nd.hilauncherdev.plugin.navigation
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.nd.hilauncherdev.plugin.navigation
- Checks memory information (2 TTPs, 1 IoCs)
  Processes: com.nd.hilauncherdev.plugin.navigation
  description: File opened for read | ioc: /proc/meminfo | process: com.nd.hilauncherdev.plugin.navigation
Processes
- com.nd.hilauncherdev.plugin.navigation (PID: 5062)
  - Obtains sensitive information copied to the device clipboard
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads