Unknown packers: Nagain

[circleous]

So, i just happened to see this APK on Koodous some days ago. I havent got the time for inspecting this further, but the class name has something with vdog. Google a bit about vdog+app+protect, i got Arxan App-Protect. Looks like something unrelated tho.

(sha256) b1f0143c22a588aea89d3a9c0a53fa6d8cea07dd64dec1f82d905f5599acea94

[strazzere]

Awesome thank you - I'll look into this as soon as I can. I have a few other Arxan protected applications that I can compare it against as well.

[strazzere]

This still doesn't seem to be detected by anything, if it is arxan, maybe an older version we haven't categorized yet?

[33%]tstrazzere@C02VL0NSHV2J:[~/repo/APKiD/docker] $ ./apkid.sh ~/Downloads/b1f0143c22a588aea89d3a9c0a53fa6d8cea07dd64dec1f82d905f5599acea94 
[+] APKiD 1.0.0 :: from RedNaga :: rednaga.io
[*] b1f0143c22a588aea89d3a9c0a53fa6d8cea07dd64dec1f82d905f5599acea94!classes.dex
 |-> compiler : dx

@enovella This might be interesting to you?

[CalebFenton]

It looks like a standard packer. It must not be that popular, though, as I can only find two references to it:
https://groups.google.com/forum/#!topic/android-x86/UcM95-Ehbjg (app won't install)
https://www.jianshu.com/p/19b67c263207 (getting around the packer)

[dwendt]

for the curious reader, vdog / crazydog is one of the APK protection SDKs offered by this company (another product they offer seems to be listed in the signature list as "naga" when "libddog.so" is found):

北京娜迦信息科技发展有限公司 aka NAGA•IN
http://www.nagain.com/

[enovella]

can anyone get the sample? Cannot download it from anywhere