General
-
Target
62ab73a2ed0d3b385dbc7421500f887920cde26d739379ff680e755d03c204da
-
Size
3.2MB
-
Sample
240514-clzenaeh9w
-
MD5
8ad693020b70c86b95c472f19e43e6b3
-
SHA1
7e9f2fc2f20b6d787a58e731bec8cc76fb814326
-
SHA256
62ab73a2ed0d3b385dbc7421500f887920cde26d739379ff680e755d03c204da
-
SHA512
6745562422d62cd72c88b7adbd82fb627adc6a1c8756701741659e0719a41bb908892a2c83e9baa14da6a00de3c7eb213afc99054795ef8ca054a4862a6d7893
-
SSDEEP
49152:+TSSh/nAlPhPniDj6PQERONo5+c5ez5pWalFpQU7c4ynuaiOBi4Hn:gSSNnAZPnySXO6terWa3ppQ4ybiOBi4H
Malware Config
Targets
-
-
Target
62ab73a2ed0d3b385dbc7421500f887920cde26d739379ff680e755d03c204da
-
Size
3.2MB
-
MD5
8ad693020b70c86b95c472f19e43e6b3
-
SHA1
7e9f2fc2f20b6d787a58e731bec8cc76fb814326
-
SHA256
62ab73a2ed0d3b385dbc7421500f887920cde26d739379ff680e755d03c204da
-
SHA512
6745562422d62cd72c88b7adbd82fb627adc6a1c8756701741659e0719a41bb908892a2c83e9baa14da6a00de3c7eb213afc99054795ef8ca054a4862a6d7893
-
SSDEEP
49152:+TSSh/nAlPhPniDj6PQERONo5+c5ez5pWalFpQU7c4ynuaiOBi4Hn:gSSNnAZPnySXO6terWa3ppQ4ybiOBi4H
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-