General
-
Target
ced95bfb8abc315a6d3e5dfc44450ffd1bd497ae418e85ad95e9c8076affc6f3
-
Size
2.4MB
-
Sample
240518-cmermsfd88
-
MD5
ad352c0c13998a91de39d7b723e0c2b0
-
SHA1
e2891b14fbcddf1735f52a7637e9bcb00f5941da
-
SHA256
ced95bfb8abc315a6d3e5dfc44450ffd1bd497ae418e85ad95e9c8076affc6f3
-
SHA512
d34b550813742ac0f16f131c93284fbc4990dc1b8653717211375b5982e5b501c3d293055f644122d9a8cbf9b65dae26f3d668e623952f4a685c5b48c697b61a
-
SSDEEP
49152:lsIUfUSfsO4AeeTQsDzryyDBCmdP0TE3SALu2hHGD5B4M5rfF:lsHZfsONJDzryyDEA0TEfLJmDjX9
Malware Config
Targets
-
-
Target
ced95bfb8abc315a6d3e5dfc44450ffd1bd497ae418e85ad95e9c8076affc6f3
-
Size
2.4MB
-
MD5
ad352c0c13998a91de39d7b723e0c2b0
-
SHA1
e2891b14fbcddf1735f52a7637e9bcb00f5941da
-
SHA256
ced95bfb8abc315a6d3e5dfc44450ffd1bd497ae418e85ad95e9c8076affc6f3
-
SHA512
d34b550813742ac0f16f131c93284fbc4990dc1b8653717211375b5982e5b501c3d293055f644122d9a8cbf9b65dae26f3d668e623952f4a685c5b48c697b61a
-
SSDEEP
49152:lsIUfUSfsO4AeeTQsDzryyDBCmdP0TE3SALu2hHGD5B4M5rfF:lsHZfsONJDzryyDEA0TEfLJmDjX9
Score10/10-
TiSpy
TiSpy is an Android stalkerware.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-