truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
22s
max time network
154s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
25/10/2024, 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4510

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
535142d4740538ea70a7de53aa102c2b

SHA1
e45a142eb8cd752e9f4e8cd745d5a894b25940cb

SHA256
d085e4b97d836d4e3f3f4a84b63903e6dc22a83ae6a0a3ac980f9f7a5b149aba

SHA512
304e9355d5325214c7b6a7e88eecf52ea1053beb031229e1c8d86e7fd7c40c3bab434e626a9f1883aa1b03f1d4b5f4801d3c6ad7fd1f63e1378c4003bfa00703

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
25b4ab06d51c59ff4ec53efff110fc08

SHA1
1cf54a1c05c15818bef34fc0d97efd4f89fff6e2

SHA256
5649571863035bc53c80cb8b0f3487a99960c8a12c0acb11a25029aab8a9e51d

SHA512
0a1a38c2f4b6c18dba83f0aa1c6d33afac4b4c58d5652c6d20fd872ba22dc4557ff2d16b19e272a0fd38f29289d7def09f3f59dcb646ea5bc34fde379eb9d624

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
670e434057aa0be1adbde3edae3bc2a7

SHA1
7fef0612d38503eaddbc623da3767048438c4d26

SHA256
ec8b03caa9dbcc0cc40c3be57bf29810bea882cda0e54919156a9329cc948a99

SHA512
e85681c8b9d423b5ae89fbf7b5041fb99966d3e328c48b822b9dd20ecd82e57c0c584ab584d764988437cd988bbece428cdb188510b9370f31f68f0db44974ab

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
1fc85b3f14b09641156522832aafbe7d

SHA1
a0ba7497219d381386df5190d75fa6416f55632f

SHA256
e024ed99c398e7bee73315cd63c2e36b90d5de1fcbc0c2de29439110b1a4ee69

SHA512
ea6b719f9ba4dc1a79269d59ae5142e1bd5b33fdbcb430ee93603b69cb6183543eb8ce2da3c072dff29773fd3b57193b4c980a33823c599fb6b18b94cefec96f

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ae43df0db415edc31918d8944743f5b0

SHA1
bfd26d4e6b00531059c9616bdc36361ac9fcfb80

SHA256
fe9e6dd98fd9b73f6b8bad3ddd2cb7302ce23e791f966c436e929bcc3be3d821

SHA512
133970e4e161c9b2e3902bd4359fc87347ccbab394fa0b1339ea886c2c8d62d95ac3fb9fe9c8eb086bec31862397b76fe3acaf6e85a4e9ad3adb220ecee5fc7b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
88b76a01a4f3ffad042d843a832faf86

SHA1
b2221292c6cd5feb9de8324a2d5cf107318dcefb

SHA256
53be1c264253df40ba10ad6fbefd2cf33aee03388a78ca2100e6645d53d88048

SHA512
4f3825d8d698700be0cee57eb17d6fe7cb0a9b8a0d7fc07082c3052d1902517e92af30872de59cbb89deb743ba33cbeaa8070d2ed8ca70a54b188c839fcb5d74

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
afcb0321d992db4c419ba4dbd00f7cab

SHA1
eb3abe4120a9b4da51d6c2fd3daf4b228a802dcf

SHA256
e3f996e814a6e53e98a441058664363b3cb39f2b7182d693cbd05026c30b5eab

SHA512
1b71d177cd5a60c5c52bf7c02be66f045b59ba6b2b6dd1c586a6d69d37698f5571e1108c4e19829289ad816b070a7477bfaa0c2f83848b727f17d7bde1a2cc98

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ac856682128834d8979b2b26297bb218

SHA1
8f9489a1d9ec06e1e1d5f7261afbefe856d4bf4b

SHA256
20d082cd8a6c6e7c3b36ea4075ba6b42ac0fe663c63404328ff7a56ff6086b74

SHA512
a5d52d095c43695b9b20172ef437bbe38c248e8455c2ea780866e330d841beea884c0e9f4d908e769511c0d8c7348756b84107398f645325137b1905732b6b4e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e89f17a33f30dac8bbf72097df58d3fa

SHA1
90f83634741e2cde7fac9c7e95c9cdb80113abeb

SHA256
b3517e712086ee236563f7008c342aa781203cbd0a3abd9202d96d11e13dd2b6

SHA512
3f3d262bad6000485748df195a7cc6e58a298a122a194fe0be1e4a20f13370d9f23d5d6c8f6a107a701f37f1f3aab6ad3bf6033d63837871964c99e497986333

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a50ebb7f81278f87c097913478c285b0

SHA1
7923a0078f3d4ce5842160000ed6a1d279eddba9

SHA256
a8ecaa5b903f0445d86b26eaffa62bcc319e8db0952d9e3819a3592556060906

SHA512
0c04a9f5156baa64a1b987ceab97a047881d997db6130ad3ec39c0e9b4a8741a36f2dccc23af0ebbb640b693c36580210046ecaddd1736ecb49a01db35e12851

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2c8b4f76f9f2e458145afb44891ee0d5

SHA1
347fc70d6d61243f9b82326b0dba82e2bc802071

SHA256
a16e326b0c5ac22d8c4061ca131a52455e6f64aaaca4137d5d8c4df15db2e30b

SHA512
d1aedb5131b6eaf68968fd1500ba26ecf72c5a0ee47751020c5f4b33173a1db69eff853e2dab63a3eb55c409f5ded30e9370f27e925c67d284425f3d535958f0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a48c0cbdf9609598ff8f2e9280b87db9

SHA1
ba8ede5a8ced2f2e53c6de25af409a63716fc2e7

SHA256
5f992a638112518ceac7500a32e60e7d2692d58c618d00727ca1a25d6ebd1dd1

SHA512
41ae7efdb4c99b35bbf47bd29789984c52ce08b7cc2ad38697fb7d193cc4674b379dca6619895e07403e93f2f3bb83492033bf26174adf3eb6f2a9443ee148d9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
471b76869ec1565bac93338a68dd2425

SHA1
f000f412750cdf017b1824b48ab2aabc2d8c7a97

SHA256
e16c1804956c298f6025a60cc5f4f70c5060d60f89e33d91adaa8a522964fcb0

SHA512
41e5d81683a8a0743e26a20e556fd524fbc23f4f36fc8d1d24ecc540d16f0835928ce00d5f89bc0419cb957147b3137352578bd4c10df77ebb013a49aeab4ce2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1c12d654f8548b7282148c7488fa68dd

SHA1
9e4bb426bae2cb00585b35bb184f8f147b591f8c

SHA256
24cb22a02be77e8c4fc6a08869ec4b9feed0ed00fb5c71146829c95434b5a65f

SHA512
d3c2c7d681fcbe8e24d225e2c16a68fcf8c26ef99c78ccc8ce5897a259b02ae8829537693201f25596c82d4c3933cf83eabc7dc0ae060e27c654d0bdd9828c8b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3536985592737930940tmp

Filesize
556B

MD5
00d24333e7359b5e20f2c4d0804538e8

SHA1
9c7fb85b8299689558b7189c73180b8e0855390c

SHA256
20af863ce5efa42d1f8d8faa509470d9781916287ec56952b32030df88858dcd

SHA512
e24b1ae8c2ebb975295d382c3bfe8c8185207866f77acf358720e375f90a9513d7b9832b93a83ed0f58ce4a941b072cba5799acfae224b9d167b2ae63780c21d

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3549179376556700133tmp

Filesize
90B

MD5
8fde7687a5d878e215535ff7c33c2e23

SHA1
2efafd2b5cf3689810e7daa2bc64dd3d58a18a17

SHA256
f286b544ced40974b627f352f21577022c66a792d5b74b4d2a0d2b01dd129707

SHA512
e6430af8b99ce80827326996162f1b60d847d31039be8f2dfca69bb9d8f89a1a2f0aa543a9fa2c364f9234ee4046c8d4cb3b4e5bde44b7eff2c0b27a44ed2228

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
fd73ee824912f82456b4b6f8377ad4ee

SHA1
3c7de05c0cabb38a42dd18f9a0958d4d0290d9d4

SHA256
3cce9d29b67b241d1cd603337ebb1f34d88416a334ddfc6200b95e5f31e8a3ed

SHA512
18d98ce20620ed22819c90e9049aaf5dc4af1dfd7c30ad664c3186cb5448288570ca510a2354552057297194b5a263bde44a54a1d8b38c0dfbf547f35f49a90e

Download Submit