General
-
Target
d16a588683857d68ce0164cccee6b5dd3068629ec9136556dcf5f8893e6acede.apk
-
Size
3.2MB
-
Sample
240428-cgl9jadg57
-
MD5
be3df63d3cd146538849619d30e29c6f
-
SHA1
fb0a1e044e46e35e448459b0a35a8dfde8257a23
-
SHA256
d16a588683857d68ce0164cccee6b5dd3068629ec9136556dcf5f8893e6acede
-
SHA512
751f12a67ddb3c6a5cd9b596316d890529cf5dd940d2589935fa94f8ad311bae322518878d2b1d2036c4be30aad60d07231a24008df2e01fd94f30cbd086d920
-
SSDEEP
98304:7yHAnI8Pw4BlBBpP1UsRw7WLRUL7OU8y+:7rI8J3Bz1pyLSQ+
Malware Config
Targets
-
-
Target
d16a588683857d68ce0164cccee6b5dd3068629ec9136556dcf5f8893e6acede.apk
-
Size
3.2MB
-
MD5
be3df63d3cd146538849619d30e29c6f
-
SHA1
fb0a1e044e46e35e448459b0a35a8dfde8257a23
-
SHA256
d16a588683857d68ce0164cccee6b5dd3068629ec9136556dcf5f8893e6acede
-
SHA512
751f12a67ddb3c6a5cd9b596316d890529cf5dd940d2589935fa94f8ad311bae322518878d2b1d2036c4be30aad60d07231a24008df2e01fd94f30cbd086d920
-
SSDEEP
98304:7yHAnI8Pw4BlBBpP1UsRw7WLRUL7OU8y+:7rI8J3Bz1pyLSQ+
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-