6c16f74852acda35f9f23ae1e8b403fd4346cab780aa87648245f1ebe6748782

Analysis

max time kernel
101s
max time network
173s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27-06-2024 08:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6C16F74852ACDA35F9F23AE1E8B403FD4346CAB780AA87648245F1EBE6748782.apk
Size

6.7MB
MD5

7b246583c74aa63c13b1e4d4d4ad718e
SHA1

6cc9aa1ff041fb7162debcff2dc3787bdb6707b2
SHA256

6c16f74852acda35f9f23ae1e8b403fd4346cab780aa87648245f1ebe6748782
SHA512

925401adad913d31a044a7d5a292de823467e61b0786bc82d74967d6948d1e5132168422994389e781d6763b3a6e27ea79c86d08f8e65a3b9fe1904ac6ccac84
SSDEEP

196608:2P9yuY7CuJFbNQxe4HgP+XL23Gwt8SWKE9xSMPY1uuGh:sytCuiM4Hn9SlE9oMABGh

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.lenzetech.traxxitt/.jiagu/classes.dex	5054	com.lenzetech.traxxitt
/data/data/com.lenzetech.traxxitt/.jiagu/classes.dex!classes2.dex	5054	com.lenzetech.traxxitt

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.lenzetech.traxxitt

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lenzetech.traxxitt

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.lenzetech.traxxitt

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.lenzetech.traxxitt

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.lenzetech.traxxitt

com.lenzetech.traxxitt
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5054

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lenzetech.traxxitt/.jiagu/classes.dex

Filesize
6.0MB

MD5
475303cadc663da9a26e7c83b4708953

SHA1
ebab9bf385b75e1fe6a351d96c1adea584ef367e

SHA256
f7f61da5dbefb0cbba4d393f5e38e9ead640b0e912f99b509aa3f62994cee60e

SHA512
e7580346cb38e55a34eff00128a795c0bfd6d0ad862704d7e23ee78ef87c1531238b738a14fbd6395975670714279c1dd407f1a1e4c9003d52bbea9cc513fa06

Download Submit
/data/data/com.lenzetech.traxxitt/.jiagu/classes.dex!classes2.dex

Filesize
730KB

MD5
a9e7e42fb39d032ae836859fbb3dd985

SHA1
de6aeb9f64d8176d3a8bc15165a7d620d36e1744

SHA256
a76a30f8ef4c475eb89c24e7172b785e7e46978334c4e5ed92f99ef1bd084fbb

SHA512
1b12e0b585e5390c953ce160d8c296d39e4734eb78a99e34b211b71fe8ed59b86007d3dedbbfad111c8837b0012e1c61f8fa6356ad2eda6feef7b63313ce7870

Download Submit
/data/data/com.lenzetech.traxxitt/.jiagu/libjiagu.so

Filesize
495KB

MD5
de685970891708f6edfd18f03c6557ba

SHA1
ac50f88327652a72df73d43e9260faf169283c34

SHA256
b3124a6f192e562313f1e2d24b292852d4eb87cbe95dccd1d94b3a0540c0c11e

SHA512
cd56aa34265252c1457e28f442872dfaedc897607b816526de7e76c88ea00c24feb3542c21be7dc587b58df8ccbb1e045d3533741981212eac4d704143bfffe0

Download Submit
/data/data/com.lenzetech.traxxitt/.jiagu/libjiagu_64.so

Filesize
526KB

MD5
f3f377aff0413b6667306b3ad51a032e

SHA1
0e03658be45eb84be83a147329b82885da1b4702

SHA256
78bf69f4b3eea98355f96ae381547380263beb136fe29d630e2e3216780fdac8

SHA512
a23a89fb8721736f4c82f779f515fc2f702c0d98d696911802d57600ba4066762ade878535abdff7ba529e167d035f7b97e829dc3e1b7d04825b00d31f7d3b0b

Download Submit
/data/data/com.lenzetech.traxxitt/.oabugaij/.fsgkea

Filesize
1B

MD5
01abfc750a0c942167651c40d088531d

SHA1
d08f88df745fa7950b104e4a707a31cfce7b5841

SHA256
334359b90efed75da5f0ada1d5e6b256f4a6bd0aee7eb39c0f90182a021ffc8b

SHA512
d369286ac86b60fa920f6464d26becacd9f4c8bd885b783407cdcaa74fafd45a8b56b364b63f6256c3ceef26278a1c7799d4243a8149b5ede5ce1d890b5c7236

Download Submit
/data/data/com.lenzetech.traxxitt/databases/demo1.db

Filesize
32KB

MD5
696c95925e862f65ef815d3056a3a468

SHA1
cfdc4aa171e533e954877813f989b4cd6f9533ec

SHA256
30cdbc5b521752e322f78668b8bb1fdb942b64153f5aaa1bddca0fc860026672

SHA512
e54684af159919692c9cb5d03c3d34b73f3b025dfe10dddf7eb1f2ffd8c6a6f5d8061c75bb19287972c994273fcd6a95ce075f5b76e196bc6f4fc2c82d05730d

Download Submit
/data/data/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
512B

MD5
21f4fc25e7453a082333b2427e2afabb

SHA1
6e1eda24c2136450c69d35c168cb6f3836142383

SHA256
ca53612b0f0621de3e188afd03d7dcc6ad55fe21b7448b3985f83832ea0ebb16

SHA512
ec945263c27845e61b6036b75c256ac58f4589ae20725145b0e621579393509f2b5fd2a70dcbc6a0e069b12f70661aaa5fcca3f1c877a85231e1ab85b4e97139

Download Submit
/data/data/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
8KB

MD5
6c354d8398d736122bc9f70890c6ef0d

SHA1
bfc815069f93a5b0d7f82663b76a0918cd51a98d

SHA256
8decd8bd8b3d2184d0a432fdc258a8a956b2ac74f8b10a9b10a386bde9c9e376

SHA512
8d13c9aa7f65b87af84b06bb53f9fdc17dd8512e5e8c31b0c6e3a23f6113fab6b14ca50b36c1f290f0614186707c6b4d6978897dd06b0770f5718f08c2368af8

Download Submit
/data/data/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
8KB

MD5
8d5f5008ccda68f6f340db28df2a4d92

SHA1
2eb8fc0088b178a87a46f879b46858f818e0e275

SHA256
e17f51f96d3d8ad2316c31eaf5244bbb85941212ed8f139a4c75c787af772b1e

SHA512
969b67fa002fbd8df0bf57a56ec5c1a7563889ccb546440694e0b2b0fcf9a4914c969bf2f5d69de49a0ca770c5d254302c397d6111ecdac611b00d916004da65

Download Submit
/data/data/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
12KB

MD5
94d68770e763c9ee55eb4a49b4e41dc6

SHA1
1f21756b64627469ae7a708c1e82c81e51a1f1cc

SHA256
c63def9f635f8b523855a54a8458b29ded52eb496734f1514ff0b69ae0f0bb82

SHA512
5b3b7b388afd549e537bcc0f583e1b9b8300877aecc3f1496848502b723307c8a268d3018fffcc31465fb706428a1fbc31d4cfd544c8516c442ad2ef93d2a6a1

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.ac

Filesize
32B

MD5
d8cb48ab4d605d78e63e87b77b163358

SHA1
24642929b9ffd30f6b49a5576019057acb2273f0

SHA256
4c28e36cc90be70b3a62baf49c3f5c86e09595016dca5fe8327206fe7835b59f

SHA512
a728af196c7f6d60c4af9f74ca1f2d2027c989d0a4359da32cbbca8a9b4bffba2388e1203f093a035a4874e6907c7e16977e038bd08ad3588eaa015b65e8333e

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.ic

Filesize
32B

MD5
20a64a4e6b8c088cfbf28b62a0824ad2

SHA1
ad4ae5b07036c85f50468949de08e3f26fb32f5a

SHA256
fdabeb4a0404d524488ab0b9d88ab1c4bc7a6b87ca70794c5d67bd9e463a0b90

SHA512
24f8684b3d19f9c152ff788969e717bfcaaf35774514dda8e6d3d7055cc4471f8204b6de322857c2a4ff957dc808637607be6ee9bc7902ad082843ec77efc561

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.pk

Filesize
32B

MD5
e695ca8e1241af7ca38605ec9cfc5f7f

SHA1
582676750af9552764d27b04b48ab7b97b396ee5

SHA256
028a30b8a948d21808e1de98f535968221c1a5e6d0cbab2968320efe09308d58

SHA512
f029679c7a50b8498e316283a7a8636c10448503bd8e2c7fcf79a431c197b6ec4db5ea8a00579a12ffe7949219475dfe5fa68f793722c37526c99015384bb668

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.pk.h

Filesize
64B

MD5
a52f5c2c023dc0a3fcf4aebdbe619990

SHA1
821f793c91a21975424f7a8eecd777138f96a77a

SHA256
ed67bb8a6f72a00a6ce3b684701975372848521c4ff45d18bfc09fab61534a50

SHA512
310ec074eb8dcafe649524ce594566c82f3ee8da491300bfe34a7ca5b7e570b5e8d9b86653c0ec2fabe47f9d5d35ba342bfe1320cbc8963d999b5aab0472061d

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.rd

Filesize
32B

MD5
e424adb58240068dc79642da5159adec

SHA1
45b9f65bf01d80d850f30eb41b6e710678abcd9c

SHA256
c69b70e604a25c040146ca9b1e3831a5607c993bef137ced3ada6ad183289fad

SHA512
4dec96b72e4bef7ca6c8e4b9a53114e0a71913381a15f3ce91f97efe257701ae4fbae428a9205a23628704239be5f3c3459239c50490261534a04555ff299106

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.ri

Filesize
307B

MD5
389af8f368319c381a70ab12d96ec309

SHA1
45b98e3031e0ab836d1a1cb06474f1e551f3f03a

SHA256
e54eecfaeea14d6e4e410b05ec4edbd8b387e25f6282fff8c5e8c1c5954a16df

SHA512
5370f4cff297812fda7912335a86f6668ccd41b39680c207fbccf90d7d0c6cba0360c75d4289d4babd59a422be0c78f78c527451a8f406ad644614b01855f53a

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.ri

Filesize
314B

MD5
36ada3f48eb6f42cf7e7882371ebdf19

SHA1
0e177c507f3dd6bb048167fbf1baf5a78571d030

SHA256
b060ab0d378a95f27b93dc016c9a174c32c3ac3b386545e7bbb10a677bab1fb4

SHA512
c7252ea65cc310ee190679b689a24b07f8d8c876a26f6f77d591d539170b2ba0eae9d27b07b79fb25cb9bc07dd2a5b92511767c7f8ec7633a8c7c1b2e79b6e3e

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
48337302036d1f3bb2c18d7fb2ba1cb5

SHA1
69a623bb1af4c4582350a13126781d6b72366a56

SHA256
8f8f312fcba13eddefe22245e450cf4fd17260662cfb6782d183d90628056485

SHA512
91ccc820eba1768aadb58d0877b6faf70a8164885f538f7f3f54090c93d37a0b00a3fda53e6add0dd40fa82ddabb0f1e4340117b1cd5973b5dd004f524e89339

Download Submit
/data/data/com.lenzetech.traxxitt/files/.jiagu.lock

Filesize
27B

MD5
5b35a152dc9db79e5b5143b6cc4d9a79

SHA1
98f4798eb2c9223c02f11aa36071ced4d40373a3

SHA256
a1233e94bb18cf4e81f672b094202d06ddc1e787f5d3efb39e82b18453ee5634

SHA512
a1c7e95507c05248eb8294cd4af16357db6d233bb4265b33d8027307ccdd1b2837a0ef882b224dc225c8deffadf9d14b57737c159418bea7212f7bc85f34f5f8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads