Resubmissions

03-05-2024 15:21

240503-srtpcsaa8z 10

03-05-2024 00:46

240503-a45chscg82 10

01-05-2024 15:24

240501-stbxbscb46 10

Analysis

  • max time kernel
    37s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system
  • submitted
    01-05-2024 15:24

General

  • Target

    7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562.apk

  • Size

    2.9MB

  • MD5

    df66a94dfc86e6097c386550f31c4100

  • SHA1

    ee4b21d5567c71787a58e18b90d0d93395d01022

  • SHA256

    7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562

  • SHA512

    cddf2359888da7f38266d005500374b0bde6679bda8871049eae48461fad85187e0b9f68ff53e6f7c833f60995a6adc26e81035ddf9317847200249e7ff13695

  • SSDEEP

    49152:HLV4Jb6W1wGLVdbbM1pssjodLaIITeSC5QfMkrHBOx4JEb5UzrzVS52l4eJB3GzD:HLQt1wGLLs1tcduTTO8frhOZlUznVS2u

Malware Config

Extracted

Family

truthspy

C2

http://protocol-a60.guestspy.com/protocols

Signatures

Processes

  • com.guest
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4233

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.guest/databases/core.db

    Filesize

    27KB

    MD5

    c7b5801f4970b944a556dda8d75097f6

    SHA1

    ab62d5c3d60940ac286f019fecd21f822af864f2

    SHA256

    cc9e08d0728cef73f1f391fc1486845d285b6a14d778ef14c0ac2401e6b3fde0

    SHA512

    6ac93f5393ce957d0be7de34145f433285f6ee37f6037f174f4532502da62218dddfc0e32883bf94830b4c79f63aa16cf10b3fa7b6eb4187b72f7703b6e0f0c1