General

  • Target

    236647e1769e1f53d279e7562ac29a9f90d50338c89d0f613d19f8602f58b093

  • Size

    3.5MB

  • Sample

    240817-cv5m2asblb

  • MD5

    6ce7b9bb757e1afddfb56989cb267354

  • SHA1

    4be2af2cd1e0dfe6744a7fdd8bcf0b59deabd75c

  • SHA256

    236647e1769e1f53d279e7562ac29a9f90d50338c89d0f613d19f8602f58b093

  • SHA512

    77d19b676c562cd3100b7fb52c51a7f9e91c155bcd1fff2348dfe9bb585d7c1f513476ed18f5f213f7e01359862bc6279c5102009e5288f28848bc5458db2749

  • SSDEEP

    98304:pWme/apj7PW2hUXWlu+X/7+ATkqbTbS1QD:Qypj7UGlPyCG1QD

Malware Config

Targets

    • TiSpy

      TiSpy is an Android stalkerware.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks