General
-
Target
e7fd36d30ab9635ec2113d38b6fcfb53092c88fd350e69ee693393e8ead9cefb.apk
-
Size
3.2MB
-
Sample
240512-k4xb1scd84
-
MD5
48aef3bdab4724f4bf116b321393e17e
-
SHA1
12ef88b9ec33e021f1fcdc12b9ab2ba7fdac98af
-
SHA256
e7fd36d30ab9635ec2113d38b6fcfb53092c88fd350e69ee693393e8ead9cefb
-
SHA512
69a020a60f5f7c97123ce4dbad0fc7be82bcc0f28eaa4473e693d93555eefab703e603f3b79666364fb75f68a2fbedca937eafe714b9c9764b388a534c04b198
-
SSDEEP
49152:8IuLdhwnA9QCwPtiaGyZmOzhQDC+HYla2PJzN6B8ul0xhuVP1aoNKEnHxUxiG:8IuLdan0kPttfmwXhPJx6yul0HS1NKEA
Malware Config
Targets
-
-
Target
e7fd36d30ab9635ec2113d38b6fcfb53092c88fd350e69ee693393e8ead9cefb.apk
-
Size
3.2MB
-
MD5
48aef3bdab4724f4bf116b321393e17e
-
SHA1
12ef88b9ec33e021f1fcdc12b9ab2ba7fdac98af
-
SHA256
e7fd36d30ab9635ec2113d38b6fcfb53092c88fd350e69ee693393e8ead9cefb
-
SHA512
69a020a60f5f7c97123ce4dbad0fc7be82bcc0f28eaa4473e693d93555eefab703e603f3b79666364fb75f68a2fbedca937eafe714b9c9764b388a534c04b198
-
SSDEEP
49152:8IuLdhwnA9QCwPtiaGyZmOzhQDC+HYla2PJzN6B8ul0xhuVP1aoNKEnHxUxiG:8IuLdan0kPttfmwXhPJx6yul0HS1NKEA
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-