6c16f74852acda35f9f23ae1e8b403fd4346cab780aa87648245f1ebe6748782

Analysis

max time kernel
114s
max time network
187s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27/06/2024, 08:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6C16F74852ACDA35F9F23AE1E8B403FD4346CAB780AA87648245F1EBE6748782.apk
Size

6.7MB
MD5

7b246583c74aa63c13b1e4d4d4ad718e
SHA1

6cc9aa1ff041fb7162debcff2dc3787bdb6707b2
SHA256

6c16f74852acda35f9f23ae1e8b403fd4346cab780aa87648245f1ebe6748782
SHA512

925401adad913d31a044a7d5a292de823467e61b0786bc82d74967d6948d1e5132168422994389e781d6763b3a6e27ea79c86d08f8e65a3b9fe1904ac6ccac84
SSDEEP

196608:2P9yuY7CuJFbNQxe4HgP+XL23Gwt8SWKE9xSMPY1uuGh:sytCuiM4Hn9SlE9oMABGh

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.lenzetech.traxxitt/.jiagu/classes.dex	4636	com.lenzetech.traxxitt
/data/user/0/com.lenzetech.traxxitt/.jiagu/classes.dex!classes2.dex	4636	com.lenzetech.traxxitt

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.lenzetech.traxxitt

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lenzetech.traxxitt

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.lenzetech.traxxitt

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.lenzetech.traxxitt

com.lenzetech.traxxitt
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
- Checks memory information
PID:4636

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lenzetech.traxxitt/.oabugaij/.fsgkea

Filesize
1B

MD5
01abfc750a0c942167651c40d088531d

SHA1
d08f88df745fa7950b104e4a707a31cfce7b5841

SHA256
334359b90efed75da5f0ada1d5e6b256f4a6bd0aee7eb39c0f90182a021ffc8b

SHA512
d369286ac86b60fa920f6464d26becacd9f4c8bd885b783407cdcaa74fafd45a8b56b364b63f6256c3ceef26278a1c7799d4243a8149b5ede5ce1d890b5c7236

Download Submit
/data/user/0/com.lenzetech.traxxitt/.jiagu/classes.dex

Filesize
6.0MB

MD5
475303cadc663da9a26e7c83b4708953

SHA1
ebab9bf385b75e1fe6a351d96c1adea584ef367e

SHA256
f7f61da5dbefb0cbba4d393f5e38e9ead640b0e912f99b509aa3f62994cee60e

SHA512
e7580346cb38e55a34eff00128a795c0bfd6d0ad862704d7e23ee78ef87c1531238b738a14fbd6395975670714279c1dd407f1a1e4c9003d52bbea9cc513fa06

Download Submit
/data/user/0/com.lenzetech.traxxitt/.jiagu/classes.dex!classes2.dex

Filesize
730KB

MD5
a9e7e42fb39d032ae836859fbb3dd985

SHA1
de6aeb9f64d8176d3a8bc15165a7d620d36e1744

SHA256
a76a30f8ef4c475eb89c24e7172b785e7e46978334c4e5ed92f99ef1bd084fbb

SHA512
1b12e0b585e5390c953ce160d8c296d39e4734eb78a99e34b211b71fe8ed59b86007d3dedbbfad111c8837b0012e1c61f8fa6356ad2eda6feef7b63313ce7870

Download Submit
/data/user/0/com.lenzetech.traxxitt/.jiagu/libjiagu.so

Filesize
495KB

MD5
de685970891708f6edfd18f03c6557ba

SHA1
ac50f88327652a72df73d43e9260faf169283c34

SHA256
b3124a6f192e562313f1e2d24b292852d4eb87cbe95dccd1d94b3a0540c0c11e

SHA512
cd56aa34265252c1457e28f442872dfaedc897607b816526de7e76c88ea00c24feb3542c21be7dc587b58df8ccbb1e045d3533741981212eac4d704143bfffe0

Download Submit
/data/user/0/com.lenzetech.traxxitt/.jiagu/libjiagu_64.so

Filesize
526KB

MD5
f3f377aff0413b6667306b3ad51a032e

SHA1
0e03658be45eb84be83a147329b82885da1b4702

SHA256
78bf69f4b3eea98355f96ae381547380263beb136fe29d630e2e3216780fdac8

SHA512
a23a89fb8721736f4c82f779f515fc2f702c0d98d696911802d57600ba4066762ade878535abdff7ba529e167d035f7b97e829dc3e1b7d04825b00d31f7d3b0b

Download Submit
/data/user/0/com.lenzetech.traxxitt/databases/demo1.db

Filesize
32KB

MD5
fec332f894d14d27f4d8fe38092cf659

SHA1
58adfcae2dbe89421d05a0b3e656857f190438b6

SHA256
274dfedd117375607009224f699975d0fd6d1d47e9ce87f7b4e06c51b859706d

SHA512
a332c152db25e854545bfea8db70fc8c3c0e321cc20ace6276ea094ed6f999f8f361eb85cb87fab119c259b1771dd8d61afb7fb51ce1e2d4740a567ae3c3ce6e

Download Submit
/data/user/0/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
512B

MD5
cd75633851a5ac1e598d836ed0b52fba

SHA1
e4014a385ae5664a0ba59fb9430fa901a8395ed7

SHA256
33552c5f7ad829187b706ba1d95d60b9feae4388eb2f68af4bfc8b0905cb0be2

SHA512
e195c036ff9450fb20b9125b4a9385e15cec4e052d4a71220ed7e949456d4b4306d1b3ae664ed01e8ce6851db7fc6b31530782008d6c63bfb29172bd115dd7cc

Download Submit
/data/user/0/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
8KB

MD5
a1448536d474c386b38c8a8b479520fa

SHA1
40531ab362d25a16112b44c401edd2e0b19a8557

SHA256
a2e714640a7cd2e672292f21a50ae58fa12f3cb841d9c74dc4acd4a896e00e76

SHA512
bdd969c90cbd00dc97b9cc6a49183a424c4cb621d397d56f38969ef3b822530c676759946af4452af5ff7a6b11d53306a760b519b9b7df5a8e31cd7c53a04058

Download Submit
/data/user/0/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
8KB

MD5
2cb3ca792691b452afd52cbf61aca723

SHA1
1024d417dcca952e5c832b0b78661805a4eba5bc

SHA256
f278774c3cc667e31bac6c60a29f64f160bc3888f5b5a64f0780406b24aa84ab

SHA512
a612c9cb501efcf27f12c74337c3006fe97cc95d55532e315f3c866dd8c748dd0d0dbaf9e80fa192edb7427b7835dcbbc89cfe423b218325f1e0116d4085786a

Download Submit
/data/user/0/com.lenzetech.traxxitt/databases/demo1.db-journal

Filesize
12KB

MD5
b3d255ff1e7ea51840d4206b1c68397a

SHA1
863e3b3b68899a1b41941b3a45b0faa2cfafcc99

SHA256
c82b798ff8560bbccc16aeaaa8b76dc33c923c748d35c8e1f24fbee09d2282cf

SHA512
b313ec540da7e7272026b0c6c6a17b44dd0ef30cf7dbc6ffcee196fbb708fa41a59169021dff49dc925fcc1660b68d5c08c8c8d2dfd2acfb20a9f418ad824a0b

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.ac

Filesize
32B

MD5
d8cb48ab4d605d78e63e87b77b163358

SHA1
24642929b9ffd30f6b49a5576019057acb2273f0

SHA256
4c28e36cc90be70b3a62baf49c3f5c86e09595016dca5fe8327206fe7835b59f

SHA512
a728af196c7f6d60c4af9f74ca1f2d2027c989d0a4359da32cbbca8a9b4bffba2388e1203f093a035a4874e6907c7e16977e038bd08ad3588eaa015b65e8333e

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.ic

Filesize
32B

MD5
20a64a4e6b8c088cfbf28b62a0824ad2

SHA1
ad4ae5b07036c85f50468949de08e3f26fb32f5a

SHA256
fdabeb4a0404d524488ab0b9d88ab1c4bc7a6b87ca70794c5d67bd9e463a0b90

SHA512
24f8684b3d19f9c152ff788969e717bfcaaf35774514dda8e6d3d7055cc4471f8204b6de322857c2a4ff957dc808637607be6ee9bc7902ad082843ec77efc561

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.pk

Filesize
32B

MD5
e695ca8e1241af7ca38605ec9cfc5f7f

SHA1
582676750af9552764d27b04b48ab7b97b396ee5

SHA256
028a30b8a948d21808e1de98f535968221c1a5e6d0cbab2968320efe09308d58

SHA512
f029679c7a50b8498e316283a7a8636c10448503bd8e2c7fcf79a431c197b6ec4db5ea8a00579a12ffe7949219475dfe5fa68f793722c37526c99015384bb668

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.pk.h

Filesize
64B

MD5
a52f5c2c023dc0a3fcf4aebdbe619990

SHA1
821f793c91a21975424f7a8eecd777138f96a77a

SHA256
ed67bb8a6f72a00a6ce3b684701975372848521c4ff45d18bfc09fab61534a50

SHA512
310ec074eb8dcafe649524ce594566c82f3ee8da491300bfe34a7ca5b7e570b5e8d9b86653c0ec2fabe47f9d5d35ba342bfe1320cbc8963d999b5aab0472061d

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.rd

Filesize
32B

MD5
e424adb58240068dc79642da5159adec

SHA1
45b9f65bf01d80d850f30eb41b6e710678abcd9c

SHA256
c69b70e604a25c040146ca9b1e3831a5607c993bef137ced3ada6ad183289fad

SHA512
4dec96b72e4bef7ca6c8e4b9a53114e0a71913381a15f3ce91f97efe257701ae4fbae428a9205a23628704239be5f3c3459239c50490261534a04555ff299106

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.ri

Filesize
307B

MD5
727e93077ffd1afb9e83a394639c0c12

SHA1
f3f7426ac92534ea7f44d337df5a6866a9e57bd5

SHA256
8e8b4a5bd4bdf1d5f668ee27d4d947606c725031db20440fa9835284b12add5a

SHA512
38321c5edb572b4df1f417bbd30b8223e4950fb97ed9ffc248b3512e0c7453cd089a2a8915d750ef8bf7bb0a0610d67a2c20e5accfb0f7ad183e21507d32ca49

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.ri

Filesize
314B

MD5
85b6be84873db07818d3914981e130df

SHA1
386e60ec1d4862a97872de948bc13d317f4b19b8

SHA256
5a6ef78466f2b54e051ba76d407d78d5314057349ab8054ec833af08c29051d0

SHA512
c6a9a863d2c8d1408b724e47905467f880a04e7673778ca8df3f22719dc4848d8f40b8adfc9c5533bf46f8728e17a9562d3f79b30ad61ef0f131eb71b25f898f

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
48337302036d1f3bb2c18d7fb2ba1cb5

SHA1
69a623bb1af4c4582350a13126781d6b72366a56

SHA256
8f8f312fcba13eddefe22245e450cf4fd17260662cfb6782d183d90628056485

SHA512
91ccc820eba1768aadb58d0877b6faf70a8164885f538f7f3f54090c93d37a0b00a3fda53e6add0dd40fa82ddabb0f1e4340117b1cd5973b5dd004f524e89339

Download Submit
/data/user/0/com.lenzetech.traxxitt/files/.jiagu.lock

Filesize
27B

MD5
2f16bf8b0366fbbff0b9a6a0d63312ce

SHA1
ea68c5b8147d7deea05c5fb85a1146c34b29d337

SHA256
9aeb1fa4f7e5ea99ea51534fb55c32b3bdd914e781ce4b438868c9b31fcb2e50

SHA512
1902edd7509b406c685009f310fe6a451cbba0ad2a703cd1a7e39b7976a5dd1d158842b34dda360b2900636735a142eee261e26725b310a7b084bc887b4b94d0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads