Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

0836ecdb2f...18.apk

android-9-x86

8

0836ecdb2f...18.apk

android-10-x64

8

0836ecdb2f...18.apk

android-11-x64

8

PandaHome2.apk

android-9-x86

8

PandaHome2.apk

android-11-x64

7

com.nd.and...me.apk

android-9-x86

1

com.nd.and...me.apk

android-10-x64

1

com.nd.and...me.apk

android-11-x64

1

com.nd.hil...ba.apk

android-9-x86

1

com.nd.hil...ba.apk

android-10-x64

6

com.nd.hil...ba.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0836ecdb2fd907095258ad32d2106a41_JaffaCakes118

  • Size

    11.9MB

  • Sample

    241002-bnacwatdpb

  • MD5

    0836ecdb2fd907095258ad32d2106a41

  • SHA1

    e22f85d5d8eaa48dc404c8a71a787b6992b3222a

  • SHA256

    132b93bcd9ee444f0bd68dc7c8c7408e1b4441f6774a10747143123388f951d9

  • SHA512

    16138d70f19d0009b8ae41bde5c4799e560c6d3a19bcbdb3789cbcc07b8d7e9fbf3f6d4a17284afd980d9cc897181c6c7063e6510c125ab262f661af93d4bdbc

  • SSDEEP

    196608:H8Ib1RI15raimP1Ibqy5LEASqZTHg+o453iM+tponqufr+3FsTMmk6k2:L7I1BaimP1ZL45dquaF8

Score
8/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistenceupx

Malware Config

Targets

    • Target

      0836ecdb2fd907095258ad32d2106a41_JaffaCakes118

    • Size

      11.9MB

    • MD5

      0836ecdb2fd907095258ad32d2106a41

    • SHA1

      e22f85d5d8eaa48dc404c8a71a787b6992b3222a

    • SHA256

      132b93bcd9ee444f0bd68dc7c8c7408e1b4441f6774a10747143123388f951d9

    • SHA512

      16138d70f19d0009b8ae41bde5c4799e560c6d3a19bcbdb3789cbcc07b8d7e9fbf3f6d4a17284afd980d9cc897181c6c7063e6510c125ab262f661af93d4bdbc

    • SSDEEP

      196608:H8Ib1RI15raimP1Ibqy5LEASqZTHg+o453iM+tponqufr+3FsTMmk6k2:L7I1BaimP1ZL45dquaF8

    Score
    8/10
    persistenceupx

    • Patched UPX-packed file

      Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

    • Requests dangerous framework permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2behavioral3

    • Target

      PandaHome2.mp3

    • Size

      9.7MB

    • MD5

      4d4a759871446a557d56560a5554a096

    • SHA1

      2cec9b00c6c12fbae28028a17e54d0a63049d3c2

    • SHA256

      abc5b401fbd50c7bf87f19bdb8b3fce936beb2000f88a3ba6a004c1a8be331b3

    • SHA512

      12bf8bf71cff1c4a439e1b50a73e9f2da6a1efb5de306d9982d90a40c3e45f06071ce872da132dacd9b12b34466e8e1316e3a67aee90791fa7e40aeb272fa279

    • SSDEEP

      196608:k8Ib1RI15raimP1Ibqy5LEASqZTHg+o453iM+tponqufr+3FsTMmkl:U7I1BaimP1ZL45dquaFT

    Score
    8/10
    collectiondiscoveryevasionimpactpersistencecredential_access

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral4behavioral5

    • Target

      com.nd.android.widget.pandahome.flashlight

    • Size

      491KB

    • MD5

      3fa34493f349e5e15867565474a2c3ac

    • SHA1

      496411162fa2ca715051e1cc73d9196b422b2c98

    • SHA256

      f72eacceae58f5b3cfac40064a04389eedad6dfe44566447656302f5fb8e5422

    • SHA512

      ca2715f1f24a33ed46d9bf39d0a9f39dbbd07fbe214fa972c78e427ef2e91e1dc01e3ec673f146ee41d4c5afc6c6b9596ed7e1716c89767c7920b4a2a143fdae

    • SSDEEP

      6144:pMvJv55KCI7JhTX3MI4O4ma1btfj3JJEEDTkxj5TyArkn2uGv+pHyWn/siEER53T:pMhX8h4HFtFJNwj/uG2pHya0ivdP25u

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      com.nd.hilauncherdev.plugin.navigation_V_22_M_9faf7075e08033fcfcfea572ac0548ba.jar

    • Size

      901KB

    • MD5

      01d8431923f1ea4428c9686e208278b9

    • SHA1

      a9347f8325422181405cfdff233e91f9feeaa9c5

    • SHA256

      086f6315c4879ca33db63503659696647bfc89efda85d6edc77b000b4fc5c55a

    • SHA512

      912b4f3fa66e77651933717ca96a1b2bc20e3ab372c6dca71745f99662de48466c66b9cd48bf19ef7a850fc9b70486ff35d415e531ef62e43f0b372ea8c472d4

    • SSDEEP

      12288:RYNnku7f7alkPqZ01WusqaDPuC9KfRBz/YmlA5Rz/PDW2hOCHhSECLaWNC7Tm:yNkuHaSPq4Wusq1rOz98CHK2WI7Tm

    Score
    6/10
    discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery
    behavioral10behavioral11behavioral9

MITRE ATT&CK Mobile v15

Tasks