tispy

General

Target

5b29c4e0126e0b72e904d9583ab08d4712f7e23d76f763b8af4d06d5289cd491
Size

3.5MB
Sample

240826-cw6ays1fmk
MD5

01c49f92e5128a6ccb5afddadc5f17d7
SHA1

2fd0b46339f85b1c98eef7d562bfd98ad1cc2d2a
SHA256

5b29c4e0126e0b72e904d9583ab08d4712f7e23d76f763b8af4d06d5289cd491
SHA512

de30e510fbe7260b1e4b2808cce2f0fbeba4557c00062c1d5c81aeeed17b7ae0e835a0e3b2eca46a8588a8c47d0de5307f009ebc82d2f35570681a00c872c259
SSDEEP

98304:om591ljxPKdUPXYPDZxdWA30iu8OllYeN:bnljxCWPoPDZDW+0iu8Slp

Score

10^/10

Malware Config

Targets

- Target
  
  5b29c4e0126e0b72e904d9583ab08d4712f7e23d76f763b8af4d06d5289cd491
- Size
  
  3.5MB
- MD5
  
  01c49f92e5128a6ccb5afddadc5f17d7
- SHA1
  
  2fd0b46339f85b1c98eef7d562bfd98ad1cc2d2a
- SHA256
  
  5b29c4e0126e0b72e904d9583ab08d4712f7e23d76f763b8af4d06d5289cd491
- SHA512
  
  de30e510fbe7260b1e4b2808cce2f0fbeba4557c00062c1d5c81aeeed17b7ae0e835a0e3b2eca46a8588a8c47d0de5307f009ebc82d2f35570681a00c872c259
- SSDEEP
  
  98304:om591ljxPKdUPXYPDZxdWA30iu8OllYeN:bnljxCWPoPDZDW+0iu8Slp
Score

10^/10

tispy collection discovery evasion infostealer persistence spyware trojan
- TiSpy
  TiSpy is an Android stalkerware.
  trojan infostealer spyware tispy
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1