Resubmissions

03-05-2024 15:21

240503-srtpcsaa8z 10

03-05-2024 00:46

240503-a45chscg82 10

01-05-2024 15:24

240501-stbxbscb46 10

General

  • Target

    7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562

  • Size

    2.9MB

  • MD5

    df66a94dfc86e6097c386550f31c4100

  • SHA1

    ee4b21d5567c71787a58e18b90d0d93395d01022

  • SHA256

    7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562

  • SHA512

    cddf2359888da7f38266d005500374b0bde6679bda8871049eae48461fad85187e0b9f68ff53e6f7c833f60995a6adc26e81035ddf9317847200249e7ff13695

  • SSDEEP

    49152:HLV4Jb6W1wGLVdbbM1pssjodLaIITeSC5QfMkrHBOx4JEb5UzrzVS52l4eJB3GzD:HLQt1wGLLs1tcduTTO8frhOZlUznVS2u

Score
10/10

Malware Config

Extracted

Family

truthspy

C2

http://protocol-a.thetruthspy.com/protocols/getsetting.aspx

Signatures

  • Truthspy family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Requests dangerous framework permissions 12 IoCs

Files

  • 7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562
    .apk android arch:arm

    com.guest

    com.ispyoo.android.activity.MainActivity


Android Permissions

7ae5b896cfa90e89bb97c94d9438cde9e9c107204ace3e58cdbde7dbadaa4562

Permissions

android.permission.INTERNET

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.PROCESS_OUTGOING_CALLS

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.READ_CALL_LOG

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.RECORD_AUDIO

android.permission.CAMERA

com.android.browser.permission.READ_HISTORY_BOOKMARKS

android.permission.READ_CALENDAR

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_WIFI_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.GET_ACCOUNTS

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

android.permission.WAKE_LOCK