Analysis
-
max time kernel
19s -
max time network
152s -
platform
android-13_x64 -
resource
android-33-x64-arm64-20240910-en -
resource tags
arch:arm64 arch:x64 arch:x86 image:android-33-x64-arm64-20240910-en locale:en-us os:android-13-x64 system -
submitted
24-09-2024 02:39
Behavioral task
behavioral1
Sample
5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Resource
android-x86-arm-20240910-en
General
-
Target
5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
-
Size
3.6MB
-
MD5
d836feab9d4bf3c6cf086bdc14724c8b
-
SHA1
c837cf7b181679a0081165e5fe4aa0eb94f748f8
-
SHA256
5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
-
SHA512
8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
-
SSDEEP
98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I
Malware Config
Extracted
truthspy
http://protocol-a100.phoneparental.com/protocols
Signatures
-
Truthspy
Truthspy is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: com.systemservice -
Queries information about active data network 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.systemservice
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
56KB
MD5 20fbb1ee4b54e7580f3419b766b3e5c9
SHA1 b8df2540fe9da75f5bfca02b113adedc67d2caa0
SHA256 17c1dea8b7df29f547d388edc0b1f2c194e3bfdfb34ef84c4fca5e4f73fa0c39
SHA512 193f3b5f4b0033cf06d0c57bb0e182f50a8c56c883c7a17d0af6a5892848e635b6b21362a70f8db9db944972bae1952d1aaba5876e7a0ef2949e792b9cd30f5c
-
Filesize
512B
MD5 cf5cb71781327d7daeffa7466460abd3
SHA1 57f3f7f1de994d3181ce0c2401443469a57b923a
SHA256 5212a35e9963c5529413d517f1c8323f7cd601f207ae02137d312d29e95ea1bc
SHA512 4ab4aff135ebe28026fb382f7f82e6360ab20e3c1896eb366082df6b0c996cabeccc926ee7de86c1e96f6b84d9cea64ae9d8a502debaf3a6b27ee91e59416cef
-
Filesize
8KB
MD5 094e091a7393a79f9bc2efe9c9c6beaa
SHA1 909c8fa08199fe25f9d1d5470cbe5a1ee0ac7beb
SHA256 c1b23e7ae2e0adebd88d1fdd3336e22cb59fdc1eb81ceb419e6ef8f1cbabbf18
SHA512 c84a17729be43821e514cafc09c643309a36e07fdaaac375dc75695c25c21f65bc3b93975513046afb7f6fec40a23ecb954141eba1aa2b37e211d6ee274a0692
-
Filesize
8KB
MD5 185bf9c1ef921f42df0c33e3a16f3764
SHA1 3a2fe65e7acea628ca09bbe1c29e79e1edb36dfe
SHA256 dc9f4a976d94d1eba83175aaf50e6017f7826290212ae96ea5c91416d48b8b0a
SHA512 f60f1cab2cee035842ce3c65390dda066112945c7516a91d2fda45f0c431e26f7e4bca57d649fa0cdd0e5e44ac33d47b001c23efc3273a3818bc3c32fad5ec12
-
Filesize
36KB
MD5 045489a0639eee27bca52f48828cd93d
SHA1 436e7966e7c019273c44faa4d8c5709b816dfda3
SHA256 0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e
SHA512 c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e
-
Filesize
16KB
MD5 62ad4a05cbdca7f47b3206b7dbda487f
SHA1 4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3
SHA256 18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6
SHA512 0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6
-
Filesize
16KB
MD5 0a7c874d4fc8c8a00345c8ac8502d448
SHA1 e50bf02eaff8fdb8d5a8195ce87757ba09096538
SHA256 bc1130f1769ee06e6161e652df8857c6ea2901c0f59b0b98ace81a9002740882
SHA512 8f85950bfdae7452d03c0a7a2caeec4636c1fc605a733f147b9290c7f786a344fbfa45143531410c84eecbdaf8b076c9658a1f879685b6304814e985fdbd54f9
-
Filesize
16KB
MD5 1699739ceb5be95194a0042b513909a1
SHA1 1b39567f673dc8b5b65cc2a2c6f7a6109421734a
SHA256 b77495452422782b38223f82f6a1b310ca8d7ff22ef91b638a7f95b43702b2fa
SHA512 d29bd97c76dd9f9d00376fc63ee3a5b79dcfa3e9151b47f3dd94a89ec2448c0c6863e8d1c139274041985e04e743b273905fb622681fdf72b8d13ffb399405c0
-
Filesize
16KB
MD5 56256db3c94143d1a8089926953cdcdf
SHA1 4e17ec0f2301e5639073c9ac4cf2062cb6eaf65f
SHA256 77f4eb9e43e98128d949c7f7cb6b1721fb5b5388da828a8a7d85264862bfee9f
SHA512 dc373dff0ec9b5752b4f1776aee1988f94928f763362abed5838bf36bf21823f98aee0413e3c61595df16cbeb7391a2b17ab5054e6afbfea398a08c88f937214
-
Filesize
16KB
MD5 22ae8d5afac026d612f8e6ac58511049
SHA1 22c23adc1e7bf1c5b014215c28ff54d2548b4ebd
SHA256 c424b9d260d9f9f0c3bb0047359fcb9a318543069eba2ca7676e5ee704323c87
SHA512 649cf1be760c183c292989a6e31db233b81263ff9002fc12cac183f544665566e54aa3146ec96b80e7cbe7d27b126475eea51000d6c4dce9cecf486a60185d44
-
Filesize
16KB
MD5 e3f13c7d7678604e5b293f6672bc0ed1
SHA1 b16c998ac7ca1db79cd4983b207a292ac1d96e21
SHA256 486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3
SHA512 b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4
-
Filesize
512B
MD5 e1847ff3779cad7f7fb7436fec4916ac
SHA1 c0b208c216ff52cd86eee15b2eb2dd143f969548
SHA256 d710ef9f8e92a578d837103e15bf9ef9642567f0b9019da96363fb9cd387b40b
SHA512 579bad681407d4f17ba9d7052e341ee630f7c2951040f687a21b657a67d19a98623deb6df3c607cc28b3a1615291606e6882e6c25730554ec4ed02c83d92ed58
-
Filesize
8KB
MD5 dc9e5fec9aa8f99ddb79f44d819864ac
SHA1 0d6e1c015c1d293b961310fdc676ad4d1983b71b
SHA256 47d404991ffa7d62cb5b47884558b5e8acc7c61f8a40e85d48fd171a2473b238
SHA512 2d50ac1228a074e77bd9ee74cce6c3e2546a37b3e9c6c24a68b132e3cf71de8e9582ee3ecf2f19793ee6a5999915c83a406750da757a31549d822baf8825daab
-
Filesize
4KB
MD5 69e8dc398a44f51b7b2b1264463f3e58
SHA1 5e6101088e7bb54c47514d041487ece8e622a570
SHA256 f7ac82c49b1682258b59614acafb2f92b83a807dd7fb8401c2f4bc534ce0ea13
SHA512 b0548af0834e40bf911fad30839128f840455a8b8f625712e8ab5f95083df007ea4452d3108927790ecc59ce29e49250d711defe5b435f155916a61f123bd91c
-
Filesize
8KB
MD5 42579ef216802c9fce0a85d116e90851
SHA1 b20989dd5fa19fbb1ff7ee3cba5fa4a0e2045bf0
SHA256 84a75d60e6b711b3162e63a046f4408e00c4ac9602421a014ead826ce091dc38
SHA512 6701ed7ba085bd6d0d290d1b80c3a58497d4e9a8787bfea47c18aabe0911f246708572cbcbac861573ecb04a5c72a23e84c8a2a6eeace3220b0c653d0273566d
-
Filesize
8KB
MD5 25820d58517fdba01203fe4789276377
SHA1 9b15fd4bea43ed978b8e4d4c72a580d1a576f70c
SHA256 8b8d205e25124e66e8deb49f764ec11087fc24d3ec62a48889239f2b5c7de5ab
SHA512 887ce6e08b0f708a8371151af15e9a3c620df886a61fac8e2f11f3de6e91885577b2fe336c99b05392ade3a8c288e4925a20f1e09d86a676de051d35f6bb3219
-
Filesize
8KB
MD5 a44944dad396282e026f8488b93c5ee0
SHA1 afb779d0cc638d3d03dce6722fc8b0ab7bfbc241
SHA256 135382bad59a8917d002f2da8819bb39bd803da076a508a2527a9a5b7d097dea
SHA512 855add2d2221f07630299a7b5e5c6e58363b055aafde2d8d2611fb35895bbe063d32970b45782511b499938a78736f8f640e1e91891377d9bf07e2f53dd90c84
-
Filesize
90B
MD5 c58f926884951e95f88976a25ccdc52d
SHA1 1b65f58dc25595f03980bb0335934ca53366c195
SHA256 36b3a0ded474a609a8a259705dab0192dee78b9a7e86b4fbbda739800e5c37cd
SHA512 cc745e62c021d1e7cf79cf577afb7ba50963d6f001f186f9ea5655661bb9ded0fef671ca887ce635fc89676f9c4615c1b5f6f114590c8432e5dfb7a17fc6681b
-
Filesize
556B
MD5 ed6153228da18f7d1bcb5f59617d52a3
SHA1 cedcc6b154d4a5e4b3e2216d7a2dcd60548920a8
SHA256 f7f2d464035da1c6defb97ef63772bd0eaaafec065f17a7de29205e7dc6a70a0
SHA512 5372e63ea991eee398675146f5fada1f9ec611f7a014662b83f7006a6c52e9480dff0b134f279647d8deae3046a41303a8fde3e0256471eb9fca051fcc82afad
-
Filesize
3KB
MD5 8046e10865eb7e822fa43212917bce48
SHA1 3804110c0713654c2fc842264276ac8be9660a4c
SHA256 d444b226667fa9c65095363f097454fc8c0334222068e3ee457e32f63a676247
SHA512 8687a7cfc2c0fb618bdaea1167c5e30f4499122765fd8abb98721036599fe04433475995c6b89a900933a1126abae97248c2042ac0da298ad951582a4d5d284a