General
-
Target
ec34a9ac83d8d31923ebe7f82d4fbd011c977faadfe358ba8f97adb14fa07d7c.zip
-
Size
3.1MB
-
Sample
240806-zegbtstcnf
-
MD5
373b274feabef2c4324ffa371c82b6c0
-
SHA1
00ed0aea6d6d23e6600391010883c6e19615ba9d
-
SHA256
ce6d85487553f884a357e9707510e7e3cb36da543b5f93e7f3e6da25413f175e
-
SHA512
0b4f43827c9819835334e3204d1f1309a1591d3cf2d6e4bea2be53ecb5d18d021b51a003465e56face34c4873ca84c1d4c3406c765640eede6c0ebc2c9860e33
-
SSDEEP
98304:hwwRtH6TjOdhuGnfZHCcfBXC7flXRIjp0fjl0UK45:hw46TadhuGVC+A7f5RIN0h75
Static task
static1
Behavioral task
behavioral1
Sample
ec34a9ac83d8d31923ebe7f82d4fbd011c977faadfe358ba8f97adb14fa07d7c.apk
Resource
android-x86-arm-20240624-en
Malware Config
Extracted
tispy
https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=IntroScreen&model=Pixel+2&osversion=28&deviceid=358240051014041&version=3.2.183_20Jul24&rtype=T
Targets
-
Target
ec34a9ac83d8d31923ebe7f82d4fbd011c977faadfe358ba8f97adb14fa07d7c.apk
-
Size
3.5MB
-
MD5
cf76efa7ddd12116694a73ce6a6a3018
-
SHA1
769f254451b2f3919e69478fcd1705bb3c0005ac
-
SHA256
ec34a9ac83d8d31923ebe7f82d4fbd011c977faadfe358ba8f97adb14fa07d7c
-
SHA512
9196ca11168f898f2cd34cb39e6a713cbd1cc536bfcc9cfe0203172d0b8682368dc9902a28655e0d83abae67a5444d3022d55e390dd9846b8bae3c0fbeb74fb9
-
SSDEEP
98304:lbITfnTkRPqNHCtzyX20CkNFB4nU4jnEQa3C01MfW:JeTkRMHk/CNFKfjkSoM+
-
TiSpy payload
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-