General
-
Target
0836ecdb2fd907095258ad32d2106a41_JaffaCakes118
-
Size
11.9MB
-
Sample
241002-bnacwatdpb
-
MD5
0836ecdb2fd907095258ad32d2106a41
-
SHA1
e22f85d5d8eaa48dc404c8a71a787b6992b3222a
-
SHA256
132b93bcd9ee444f0bd68dc7c8c7408e1b4441f6774a10747143123388f951d9
-
SHA512
16138d70f19d0009b8ae41bde5c4799e560c6d3a19bcbdb3789cbcc07b8d7e9fbf3f6d4a17284afd980d9cc897181c6c7063e6510c125ab262f661af93d4bdbc
-
SSDEEP
196608:H8Ib1RI15raimP1Ibqy5LEASqZTHg+o453iM+tponqufr+3FsTMmk6k2:L7I1BaimP1ZL45dquaF8
Behavioral task
behavioral1
Sample
0836ecdb2fd907095258ad32d2106a41_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
0836ecdb2fd907095258ad32d2106a41_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
0836ecdb2fd907095258ad32d2106a41_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral4
Sample
PandaHome2.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral5
Sample
PandaHome2.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral6
Sample
com.nd.android.widget.pandahome.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral7
Sample
com.nd.android.widget.pandahome.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral8
Sample
com.nd.android.widget.pandahome.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral9
Sample
com.nd.hilauncherdev.plugin.navigation_V_22_M_9faf7075e08033fcfcfea572ac0548ba.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral10
Sample
com.nd.hilauncherdev.plugin.navigation_V_22_M_9faf7075e08033fcfcfea572ac0548ba.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral11
Sample
com.nd.hilauncherdev.plugin.navigation_V_22_M_9faf7075e08033fcfcfea572ac0548ba.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
0836ecdb2fd907095258ad32d2106a41_JaffaCakes118
-
Score
8/10
-
Patched UPX-packed file
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
Requests dangerous framework permissions
-
-
-
Target
PandaHome2.mp3
-
Size
9.7MB
-
MD5
4d4a759871446a557d56560a5554a096
-
SHA1
2cec9b00c6c12fbae28028a17e54d0a63049d3c2
-
SHA256
abc5b401fbd50c7bf87f19bdb8b3fce936beb2000f88a3ba6a004c1a8be331b3
-
SHA512
12bf8bf71cff1c4a439e1b50a73e9f2da6a1efb5de306d9982d90a40c3e45f06071ce872da132dacd9b12b34466e8e1316e3a67aee90791fa7e40aeb272fa279
-
SSDEEP
196608:k8Ib1RI15raimP1Ibqy5LEASqZTHg+o453iM+tponqufr+3FsTMmkl:U7I1BaimP1ZL45dquaFT
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
com.nd.android.widget.pandahome.flashlight
-
Size
491KB
-
MD5
3fa34493f349e5e15867565474a2c3ac
-
SHA1
496411162fa2ca715051e1cc73d9196b422b2c98
-
SHA256
f72eacceae58f5b3cfac40064a04389eedad6dfe44566447656302f5fb8e5422
-
SHA512
ca2715f1f24a33ed46d9bf39d0a9f39dbbd07fbe214fa972c78e427ef2e91e1dc01e3ec673f146ee41d4c5afc6c6b9596ed7e1716c89767c7920b4a2a143fdae
-
SSDEEP
6144:pMvJv55KCI7JhTX3MI4O4ma1btfj3JJEEDTkxj5TyArkn2uGv+pHyWn/siEER53T:pMhX8h4HFtFJNwj/uG2pHya0ivdP25u
Score
1/10
-
-
-
Target
com.nd.hilauncherdev.plugin.navigation_V_22_M_9faf7075e08033fcfcfea572ac0548ba.jar
-
Size
901KB
-
MD5
01d8431923f1ea4428c9686e208278b9
-
SHA1
a9347f8325422181405cfdff233e91f9feeaa9c5
-
SHA256
086f6315c4879ca33db63503659696647bfc89efda85d6edc77b000b4fc5c55a
-
SHA512
912b4f3fa66e77651933717ca96a1b2bc20e3ab372c6dca71745f99662de48466c66b9cd48bf19ef7a850fc9b70486ff35d415e531ef62e43f0b372ea8c472d4
-
SSDEEP
12288:RYNnku7f7alkPqZ01WusqaDPuC9KfRBz/YmlA5Rz/PDW2hOCHhSECLaWNC7Tm:yNkuHaSPq4Wusq1rOz98CHK2WI7Tm
Score
6/10
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 1
System Checks: 1