General
-
Target
a5cdcc26e5874d46c40becf831dd65fd236fa1192375724d37666376b4b4a04b
-
Size
3.2MB
-
Sample
240425-db5dlaea49
-
MD5
87636d7eaca96a05cddaa8e843d83678
-
SHA1
cbf833018916ad83233440d890a59c75d7ea2360
-
SHA256
a5cdcc26e5874d46c40becf831dd65fd236fa1192375724d37666376b4b4a04b
-
SHA512
fbdb81a4773d339d7fc06e831633b37eaec2909ec0f08679b81855f519dfbfaab6926c36409f44844b8d88a4bc664a63b947ea5d3486a31e06519a842d4fa5ad
-
SSDEEP
49152:vJQLhnnA+IoXPZYMXZdSExphpWIFtJ2Kq23dMpWPqkqzSvJ0HVkk4q:vJQLFnPIWP5phpWIhhqkdoQqkeQM0q
Malware Config
Targets
-
-
Target
a5cdcc26e5874d46c40becf831dd65fd236fa1192375724d37666376b4b4a04b
-
Size
3.2MB
-
MD5
87636d7eaca96a05cddaa8e843d83678
-
SHA1
cbf833018916ad83233440d890a59c75d7ea2360
-
SHA256
a5cdcc26e5874d46c40becf831dd65fd236fa1192375724d37666376b4b4a04b
-
SHA512
fbdb81a4773d339d7fc06e831633b37eaec2909ec0f08679b81855f519dfbfaab6926c36409f44844b8d88a4bc664a63b947ea5d3486a31e06519a842d4fa5ad
-
SSDEEP
49152:vJQLhnnA+IoXPZYMXZdSExphpWIFtJ2Kq23dMpWPqkqzSvJ0HVkk4q:vJQLFnPIWP5phpWIhhqkdoQqkeQM0q
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-