General
-
Target
b3d4ec27d26f877d3541d5abc886251bffa4fe03388badfb01c3a5906138530d
-
Size
3.2MB
-
Sample
240426-cb4lmahb3y
-
MD5
95126860ee2a2d2157057af7395d6a2b
-
SHA1
61871f139028c13ce5c0ca56d574191f67cafa0c
-
SHA256
b3d4ec27d26f877d3541d5abc886251bffa4fe03388badfb01c3a5906138530d
-
SHA512
7dcd6e22324a78ddd6e2c4093753fa793d97bd8ad2e1f3d4b6cc79f028d78cf36f0c76da63d8d57a61e61a59ccda24f888e05900959cda2efbd3a42aad5188ea
-
SSDEEP
49152:NhlOhonAE/jfSPoqw0iEXLkn2kf+t8ShIzIxWhdMKZlgpjHKVmZMPC:NhlO+ntGPoqwJnCt7IUUIpuV7C
Malware Config
Targets
-
-
Target
b3d4ec27d26f877d3541d5abc886251bffa4fe03388badfb01c3a5906138530d
-
Size
3.2MB
-
MD5
95126860ee2a2d2157057af7395d6a2b
-
SHA1
61871f139028c13ce5c0ca56d574191f67cafa0c
-
SHA256
b3d4ec27d26f877d3541d5abc886251bffa4fe03388badfb01c3a5906138530d
-
SHA512
7dcd6e22324a78ddd6e2c4093753fa793d97bd8ad2e1f3d4b6cc79f028d78cf36f0c76da63d8d57a61e61a59ccda24f888e05900959cda2efbd3a42aad5188ea
-
SSDEEP
49152:NhlOhonAE/jfSPoqw0iEXLkn2kf+t8ShIzIxWhdMKZlgpjHKVmZMPC:NhlO+ntGPoqwJnCt7IUUIpuV7C
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-