General
Target: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
Size: 3.2MB
Sample: 240517-nq2lcsff6s
MD5: e7d9a7ee8f31a35b8944b555e3a9c4ef
SHA1: ad338871b00df94f04ddaa840cc801732a72a23e
SHA256: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
SHA512: 4596071625c957a59eee119aac558860484a55f9e81d3620dd13b5a1376ce82240ce81dbabd240f9add10841709cdefd35d56fede8411fb8089a6ec2fa543820
SSDEEP: 98304:R9tYn53bcPZA1saolAnkOeYGBqhaazXUWYIpm:RE53YiiFAnkfhBqhaazXU4pm
Static task: static1
Behavioral task: behavioral1
Sample: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral2
Sample: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d.apk
Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral3
Sample: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d.apk
Resource: android-33-x64-arm64-20240514-en
Behavioral task: behavioral4
Sample: cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d.apk
Resource: android-x86-arm-20240514-en
Malware Config
Extracted
tispy
https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=IntroScreen&model=Pixel+2&osversion=30&deviceid=87cf69cd28fb42ba8f17e42ef5f7831b&version=3.2.183_16May24&rtype=T
https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=IntroScreen&model=Pixel+2&osversion=33&deviceid=d9e506e0179c478c94d3b25df65bf9bc&version=3.2.183_16May24&rtype=T
https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=IntroScreen&model=Pixel+2&osversion=28&deviceid=358240051014041&version=3.2.183_16May24&rtype=T
Targets
-
-
Target
cdaefe3a750aeb195d2f30ba94c21503ee769d62b43020a1aae510e51b9a687d
-
TiSpy payload
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about the phone network operator
-