General
-
Target
8cd73a00a2a5f5dfe91ccc0ae37593b379d7cf1c76d4658b43ce839219f9ee20.apk
-
Size
3.2MB
-
Sample
240425-b6afladc21
-
MD5
d2a3e9118d2be6608e0876380d0a4411
-
SHA1
65ae026a2b371487d5b1468e8346e09f73747569
-
SHA256
8cd73a00a2a5f5dfe91ccc0ae37593b379d7cf1c76d4658b43ce839219f9ee20
-
SHA512
d5d80a9f4f7059edd3709cd6b9c40c72523587bcc95352f260e15820a9871072c4dc40cca45af6248617c88f783e2429d6dc7fd22fb7f2658aeea9623cbfca53
-
SSDEEP
98304:zAl0nExyPqo6mRhNEg5eRBZxC57anWhCGVcIGJT2F6W:zjEMV6mRENx0gGFL
Malware Config
Targets
-
-
Target
8cd73a00a2a5f5dfe91ccc0ae37593b379d7cf1c76d4658b43ce839219f9ee20.apk
-
Size
3.2MB
-
MD5
d2a3e9118d2be6608e0876380d0a4411
-
SHA1
65ae026a2b371487d5b1468e8346e09f73747569
-
SHA256
8cd73a00a2a5f5dfe91ccc0ae37593b379d7cf1c76d4658b43ce839219f9ee20
-
SHA512
d5d80a9f4f7059edd3709cd6b9c40c72523587bcc95352f260e15820a9871072c4dc40cca45af6248617c88f783e2429d6dc7fd22fb7f2658aeea9623cbfca53
-
SSDEEP
98304:zAl0nExyPqo6mRhNEg5eRBZxC57anWhCGVcIGJT2F6W:zjEMV6mRENx0gGFL
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-