com.ispyoo.android.activity.MainActivity
android.intent.action.MAIN
General
-
Target
Dilshod.apk
-
Size
2.8MB
-
MD5
84e73c6c1a69ac3f3dedd5119080f19d
-
SHA1
65fffa7ab8f7a3ff5154b6c69a3ee31186c9d012
-
SHA256
41752e7b3d8374ec74b94ebc258a0fefd3d41a44bb07a43d85546701afb50e36
-
SHA512
ed3678dab2f80bafcf4c80bd095829cf54088c72e6f32bac58031b0270e06d32e4729898fab250f194113bb3046c47f97965f8f728f292d33ba8e9acf6fe0e30
-
SSDEEP
49152:0V1yqxc7abNLn7WvcWgEhaj+10GbHr9wzWhcAqL4iR9YO791fWFwGOLV31+snp4N:m1yqxOabNLn7RkKw0GbazjL4ZOOFwGO2
Score
10/10
Malware Config
Extracted
Family
truthspy
C2
http://protocol-a.thetruthspy.com/protocols/get_synx_now.aspx
http://protocol-a.thetruthspy.com/protocols/getsetting.aspx
https://thetruth-db94a-default-rtdb.firebaseio.com
https://thetruth-db94a.firebaseio.com
Signatures
-
Truthspy family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
Dilshod.apk
com.systemservice
com.ispyoo.android.activity.MainActivity
Android Permissions
Dilshod.apk
Permissions
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.PROCESS_OUTGOING_CALLS
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.READ_CALL_LOG
android.permission.RECEIVE_SMS
android.permission.READ_CONTACTS
android.permission.READ_SMS
android.permission.RECORD_AUDIO
android.permission.CAMERA
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_ACCOUNTS
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
com.google.android.c2dm.permission.RECEIVE
android.permission.WAKE_LOCK
com.systemservice.permission.C2D_MESSAGE