General

  • Target

    b3f23bdd3dea208f05de7a5b9ea928758187b3f2b0f4f5733c8bdb3298818ec0

  • Size

    3.7MB

  • Sample

    240623-cn68aawcjh

  • MD5

    f17c846775fe7d69c25b1f9834ec31d9

  • SHA1

    642e9c6595ed94cf6040c9a66e4431b04a62a2a3

  • SHA256

    b3f23bdd3dea208f05de7a5b9ea928758187b3f2b0f4f5733c8bdb3298818ec0

  • SHA512

    2f9883be40f1b9fda7ef9bd432c7d32e5adf6222e5bc9dbeed974f7e101a8c8af39f3bdd059fb0b83cb7e0d034f1ac85bc860bba30eb46b2da7f6d02657c70c9

  • SSDEEP

    98304:qmVDDWjqPP2X1180Q046fgVPwLBqylSWFk5uYUbLCJrn:p3WjqX2l2046qPwLB/lS+kpUnu

Targets

    • TiSpy

      TiSpy is an Android stalkerware.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)
