General
-
Target
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
-
Size
2.4MB
-
Sample
240731-12157awckn
-
MD5
594512812ebc62a8da054e6d76c7804b
-
SHA1
37f6e5e6bc0e7db45899815b3b0ad3872b046a69
-
SHA256
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009
-
SHA512
fcbd697c62cffb415d535484df5aedac5d999e56d06fd7339004b991ea8f9e205650a96d8fb6b106975a90c32d60aef6da3881ee4b5f4e0e816441a2b7889423
-
SSDEEP
49152:0ceEvHSvdCLZyxxNVnfdejS6ZdzHRST007XjUFjDn4JhfkxfNwIi6p:0claVCoXUdzHRSTFjUFjD4Df0NwJo
Static task
static1
Behavioral task
behavioral1
Sample
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral2
Sample
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral3
Sample
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
Resource
android-33-x64-arm64-20240624-en
Behavioral task
behavioral4
Sample
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
Resource
android-x86-arm-20240624-en
Malware Config
Extracted
tispy
https://brunoespiao.com.br/esp/appprofile.jsp
Targets
-
-
Target
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009.apk
-
Size
2.4MB
-
MD5
594512812ebc62a8da054e6d76c7804b
-
SHA1
37f6e5e6bc0e7db45899815b3b0ad3872b046a69
-
SHA256
b425ec7a8a3718744fea6fb6dd012454eeeaa0aa44008da9d7d8000d8cea0009
-
SHA512
fcbd697c62cffb415d535484df5aedac5d999e56d06fd7339004b991ea8f9e205650a96d8fb6b106975a90c32d60aef6da3881ee4b5f4e0e816441a2b7889423
-
SSDEEP
49152:0ceEvHSvdCLZyxxNVnfdejS6ZdzHRST007XjUFjDn4JhfkxfNwIi6p:0claVCoXUdzHRSTFjUFjD4Df0NwJo
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Acquires the wake lock
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
Location Tracking
1System Information Discovery
3System Network Configuration Discovery
3System Network Connections Discovery
3