tispy | 24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f | Triage

Submit
Reports

Overview

overview

Static

static

6

24350d5729...3f.apk

android-9-x86

Sharing

General

Target

24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f
Size

3.1MB
Sample

240419-cb5hxsef2t
MD5

f50bf2961a75efa697243caed447dccb
SHA1

2048fe8aea9ca83e9d76a1bb416030a2504b9cd2
SHA256

24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f
SHA512

f8aa94966527506e764c6eec9ac0a8328c6ba5c0b9d6b6e77fc24fd90638efd3fb32907373340c9abc911d8ca3676a888bf714a2490dac3454cdd9a9d804feee
SSDEEP

98304:axeisnJaPgU/RvHAlsttL/ROuHKMnHypxE:8sJaIU6yH/JhaxE

Score

10^/10

tispy android collection discovery evasion infostealer spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f.apk

Resource

android-x86-arm-20240221-en

tispy collection discovery evasion infostealer spyware trojan

android-9-x86

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f
- Size
  
  3.1MB
- MD5
  
  f50bf2961a75efa697243caed447dccb
- SHA1
  
  2048fe8aea9ca83e9d76a1bb416030a2504b9cd2
- SHA256
  
  24350d572904568447e8d4caeeddcaf1c3b9467c6df5e436a1397051f38eee3f
- SHA512
  
  f8aa94966527506e764c6eec9ac0a8328c6ba5c0b9d6b6e77fc24fd90638efd3fb32907373340c9abc911d8ca3676a888bf714a2490dac3454cdd9a9d804feee
- SSDEEP
  
  98304:axeisnJaPgU/RvHAlsttL/ROuHKMnHypxE:8sJaIU6yH/JhaxE
Score

10^/10

tispy collection discovery evasion infostealer spyware trojan
- TiSpy
  TiSpy is an Android stalkerware.
  trojan infostealer spyware tispy
- TiSpy payload
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about the current Wi-Fi connection.
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks.
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Acquires the wake lock
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

tispycollectiondiscoveryevasioninfostealerspywaretrojan

© 2018-2024

Terms | Privacy