9017f3327922d07afd3d20cd07488f8d98cb0d04554f41d3d195c4db3379d713

Analysis

max time kernel
8s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
25/09/2024, 21:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f6dc5bd2dc2b021b45b12ef2e89e5d80_JaffaCakes118.apk
Size

30.0MB
MD5

f6dc5bd2dc2b021b45b12ef2e89e5d80
SHA1

796408b22698fe21a7d8a7499eeee8c1e9ef5bd4
SHA256

9017f3327922d07afd3d20cd07488f8d98cb0d04554f41d3d195c4db3379d713
SHA512

58096def4cfd04be8212ec5897706a965144eb8a4e36990547a0da059c2d319decf4bd6960b8e6adf3eff7c4cdd21a00f52f7af4736b3e6fdf5dca5d5d26918a
SSDEEP

786432:qdfuGNgDn4dGum61qBv0kFf47xVUs6Evxe9gPqJkIv:qMGNOijmhSQxj

Score

7^/10

evasion persistence

Malware Config

Signatures

Checks Qemu related system properties. 1 TTPs 1 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.kernel.qemu	com.seconddream.cloudhunter

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.seconddream.cloudhunter

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.seconddream.cloudhunter

com.seconddream.cloudhunter
1⤵
- Checks Qemu related system properties.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:5066

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads