Extracted

• • Target

    f156d43383ae3d976d5aeb25ab8e19bb3ca790340326fa59419227129ae18364

  • Size

    3.2MB

  • MD5

    d19dcf9c17a257468077a101854dfbaf

  • SHA1

    33b37d2726718955c744ceba1f32218d654e9e47

  • SHA256

    f156d43383ae3d976d5aeb25ab8e19bb3ca790340326fa59419227129ae18364

  • SHA512

    ff25b6157710d4081e490a571052d9cdacb2b9731ed8e289719e86f2c5b53622c4996c377764aff3a4eb94662a840ed4e383b9dab498d8bd3f856c6345cc1dfc

  • SSDEEP

    49152:bG4h6nAvmD7PampLpraYjG3SeqfBiQLeWq0jDvmCmbbUecuS80K4NN:bG4knwmfPa2pre32lLed7CmbrS8uN

  Score

  10^/10

  tispycollectiondiscoveryevasioninfostealerpersistencespywaretrojan

  • TiSpy

    TiSpy is an Android stalkerware.

    trojaninfostealerspywaretispy

  • TiSpy payload

  • Requests cell location

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Queries information about the current Wi-Fi connection

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery

  • Queries information about the current nearby Wi-Fi networks

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery

  • Queries the mobile country code (MCC)

    discovery

  • Queries the phone number (MSISDN for GSM devices)

    discovery

  • Registers a broadcast receiver at runtime (usually for listening for system events)

    persistence

  • Acquires the wake lock

  • Checks if the internet connection is available

    discovery

  • Reads information about phone network operator.

    discovery
  behavioral1