truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
19s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
04/12/2024, 02:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4337

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
c3e0888c11568167cd922eb857300c0b

SHA1
cb88af1eb707090b4fafc632f0b16160fed7c3ca

SHA256
fa1f4ce91d3cbd4a4a887682c35485eae7c3913fb6b266696a7c2ee56b24057a

SHA512
4d6f497c768ee7112ca68f356f9837a9df550f66d480d985995bb595a968ab35dafdabe5f05f09fe1ba596b758a2d1f5ff7dcca3c1590e6e1ccd9f9b1be868e7

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
498fff86df1e021f0c52b5f284c59d60

SHA1
a58007430da4566ba8fe02913478e722f224af15

SHA256
72ecc3a1155c5362e910e5706bb1979eeaacafa59fefe0cb1e4e03579307e121

SHA512
1e76ec98751e4f0f191064f250a1843994614823b6415fafaf83ce3fa56a58e8e32758464d44872b8c182746833d8730b057b05d1104b77b907cf54ac769b177

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
fd39c2473b7254b63e519d2760a20dea

SHA1
ba1ccdcb81829e9b81943a0fa6da1a9c78928173

SHA256
5149fa5f4624cfebbfaf3c2c8be9548df87d1cae7cdb6072c47f898433e9ab96

SHA512
c3da376c55e71380a507cdb216b9a3b53061a7825f92f6515559e38c054bbe58ca1dd1676118888c6b9a33b01d0e998a097a387bc98e678e0f197a517c99be32

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
f04a2c43f9b5984be5d973b4ea13ae59

SHA1
7d3a2e7fe3b85a4be9aefd4a8c3b78822f8e33d9

SHA256
223536e8b1a61d4f61cc499256ecfeafa8ced3da5c20a61420cbf99e35417594

SHA512
7fc6425810f6554ccfb69b01d48214888b81b77f230c44290f1eb5f932af2105138625d66bed78f115868306cf1603adf02e4b7f08e5d5796b54f9c4fdd39775

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f14de39f66623af92dab5bd86c326eb8

SHA1
ffddb5e2adc70933efcecccc9892c5b19eede725

SHA256
f21e4adfdf978fc7728b9371ea74bd56cec700cde113a614a4f445a3c3619f52

SHA512
b69ceb0368d64a3b44fb7d35b94815600eeb65b860cef2f53783a03ad12966d0d5e5417c8ad727a6dd150dca5a5ee80e24596dea5a8cf9064082148b308ad2c3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5eea716a2fb0e9d20f9e30cbf3de03db

SHA1
a98db9998d5ec05a2b400f4b8de84d8f5d64fe97

SHA256
b8bdce629677e58ccbb04bb7f9db04ba655a18c17cd425e2829dd765de6b4f52

SHA512
8688bce29a2b98ee3beb411d58694f489d83930d24ca186072637c69514754a0c589a36ea8f6891ba8a759c06536278d1b657b0898a1c37203b0efdcd3a98185

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
921bd315eda1aa19626f896b2feb66c7

SHA1
a48e4059817367e1fd73902ca282c689be8d0319

SHA256
9b6057afa7e0b61176ba8159d40411d173c198953115cdd82203cd55389edac1

SHA512
7c8616500af93254166e8bf1f0d0d5906153ac780386700667bb5836d31a2da06e95721d1e28f34ed1ec059e5b056c872e5659adf7adc747de3671eec83416ee

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7b59f6630351d6f1c1645981c876649a

SHA1
9edac3643f97285ea33ee8865203c1d49271fd15

SHA256
d3d45aeca0b4aa4e55f5d8f60fbf8f6d1c0462dc6d9bd97ad22cdf023f1e0faf

SHA512
7a02d5521842fdfcc210d53b5de3254910054f79d7100d4edef4991a9d1e92f804b5ddae4baae11b27914c0b3bc94f71aab81f45a7b9e9b9853a5f1f9e18b5e0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
84304c6f313fd8ffb5cdbd766d45e358

SHA1
9441f6fc83763221b0f8539bc74acd7d42fa4668

SHA256
0fcc0895e58b255729b584bf2055697b9590dd87fbb026ba981f7943e333bb17

SHA512
1d8119a0ae682f1e9ebd7abd37a351f60af33f3156404141b002a11b79c76ce7f5a72663d1eaed0830413f44c41866e3802d888cfa3d0e90cba1fab47aca5b8d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0342080d5ee2609d638048abc3ee485d

SHA1
422d290624bb127dbd33e70f0954c077a9710a10

SHA256
b735682e4677c13ef811679339f7408d0a906d7c81883f737a93ace766531e25

SHA512
d9ef10a25111629f27e6a5701a8f434e2bd7682aa864c2e74b5d48f8623196ed5730377e90fbe5d4788d75d6e490785795d6f05c7d2b745cdfcc4457c25f238d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ff541bb774557d01e2df82ee7d0223ac

SHA1
b4242afab8c02a198fbb1f3055fd4702b9b94c96

SHA256
4c802bb1a3f0c70d5bb0b3e40f2952f14052d8c5c4aac7c127a92e5daad46ed0

SHA512
cb0b90bfa3440793b5ffe5df1a05d5503ef8cdf839c2da4006786703c56dc1b48a761712099fa6efc980b2c4037971b6bbca5725e1213f92d6ea7c95a70bd8e1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
57f0b529af68eec68c4e380358fa2738

SHA1
7fc213ea8d648df4a910e348df6b0ce86f8fdf60

SHA256
fe60de4bc44d4fabdd08cca328735d11cbd2ab0e9ec4d6193a1d5b7bd4ce4319

SHA512
d5f7fd0f1be5e9332df451d7c3e7a99bfaa43982c2cca01a1daac35edb693cec093a0432af2a705345ef6681f3d2142ded1dd14ce49a99f831bdf6da5b909364

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cccae5783ff7dc5ba95530e176fa9928

SHA1
48e651e4e8166cd13d58bd4b0b7051afc724317c

SHA256
2985c2331032ee87400b4054b6cc798b43d7d10bd433cc37743492e00dbc062b

SHA512
985204488b88bf0b33b8d932e83831240dac94bfb8099d13dc807bd95999f8f8312f5811e453910da9dce0b07c9fcfed70517ed246d4951c9c389895c9a2a330

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
803582cc777446776798fae5e998991d

SHA1
9e3d8f1924a0753eb265a4f7cbafab69f7c48abf

SHA256
d735d81d3fb66c584ade922c7cd749117f7bc5539ebc18ac21ccbf8cd5dbf1f6

SHA512
9fbfeef27fc08f448a732e8945e6379ef79748f24b47585052cb3f6a9ecc825248ceff3fe94fbeb5a42f444bd87cb6ce2ffe478cd11c861a64f0deb6b8ebc8d6

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1077489320089588818tmp

Filesize
556B

MD5
cc0edbc440c7ad3b675375f41ef85d19

SHA1
d3cdf66add1114e8fc96546d1553dd2a9dcb1c83

SHA256
fd294eb02d6f2331595af8f017827c3e9b437b52916d154eba9f6779405c3aeb

SHA512
32b18d531a94c4fac7fc73c7e38342f7ccc4591afbd6d76b71a039f19005a7e08cc0eccf7b28dd4cf4087aceac4e37242ec83a0a99135a2e7e932c4a4065cca4

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4105003504589999435tmp

Filesize
90B

MD5
255a566a09682c9e4e912e9058bd9f93

SHA1
4f9bb909c34319bbc6870eb01ea003c8697f222c

SHA256
665df71f5b18adab24360325fc764f92ed553d1cc24a2cbf4011a43091550eff

SHA512
831e6497e5b8e739cc620302036c7fccd3c0b950837ee5dcf08992cc3b4ee20c3d3e36d3e381f60046fb7afc0a6119b77aaafb480698721d2875b2e75b870c86

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
94d179b2ddf2f166db89dfe3815a8857

SHA1
b13c7d00268a08176cd350f08dfec6b3e0f6bb37

SHA256
3cc7b44962c81fa0adc51db8e48257f3d9458a01f918f19d0111d2384d79d072

SHA512
519c3322e239c03d7ffb9fae25152741f6be2dc4e022ee505c5041e58140b17e31712bb129d72a7dbec9b0ff61e57369b98bfb9a169d0f0a64508c3004615d9e

Download Submit