General
-
Target
cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
-
Size
3.2MB
-
Sample
240516-ck8a6sga99
-
MD5
e7d9a7ee8f31a35b8944b555e3a9c4ef
-
SHA1
ad338871b00df94f04ddaa840cc801732a72a23e
-
SHA256
cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
-
SHA512
4596071625c957a59eee119aac558860484a55f9e81d3620dd13b5a1376ce82240ce81dbabd240f9add10841709cdefd35d56fede8411fb8089a6ec2fa543820
-
SSDEEP
98304:R9tYn53bcPZA1saolAnkOeYGBqhaazXUWYIpm:RE53YiiFAnkfhBqhaazXU4pm
Malware Config
Targets
-
-
Target
cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
-
Size
3.2MB
-
MD5
e7d9a7ee8f31a35b8944b555e3a9c4ef
-
SHA1
ad338871b00df94f04ddaa840cc801732a72a23e
-
SHA256
cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
-
SHA512
4596071625c957a59eee119aac558860484a55f9e81d3620dd13b5a1376ce82240ce81dbabd240f9add10841709cdefd35d56fede8411fb8089a6ec2fa543820
-
SSDEEP
98304:R9tYn53bcPZA1saolAnkOeYGBqhaazXUWYIpm:RE53YiiFAnkfhBqhaazXU4pm
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
TiSpy payload
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-