Resubmissions

  • 27/02/2025, 17:35 UTC    250227-v6hlravmy7    10
  • 14/01/2025, 05:44 UTC    250114-gfjt8szrbn    10
  • 14/01/2025, 05:43 UTC    250114-ge4g9aykgt    10
  • 14/01/2025, 05:39 UTC    250114-gctj9szqep    10
  • 14/01/2025, 05:35 UTC    250114-f993vazqak    10
  • 14/01/2025, 05:34 UTC    250114-f9l11szpgq    10
  • 14/01/2025, 05:31 UTC    250114-f76yeayjcw    10
  • 14/01/2025, 05:30 UTC    250114-f68evayjas    10
  • 14/01/2025, 05:29 UTC    250114-f6m4xazpcq    10

General

  • Target

    virusX.zip

  • Size

    32.5MB

  • Sample

    250114-fxv36axqay

  • MD5

    a58b72237a14d709c6eea04b73049210

  • SHA1

    786a2d070ea75d7fd858ebd93869063fedd6d705

  • SHA256

    51baf4bc48db631e887ded88c0beb05b7a2f6f26ad2d122ee7c6cca6678752f5

  • SHA512

    978b868d4ce591570f722d167e14f2b6533d3b341bdaac1048fb3d1196ad26b2009269514d29b5aeb12aa75697ae556ebd3c88af1ed4ea00f8c83289fff7a9b9

  • SSDEEP

    786432:xDWCPFc6LHxrdAxglUJMtJg9GzAl8g5lf/F9M6GvHzn9:sUzjxrdAxxJM+l8g5lDM6Gj9

Malware Config

Extracted

Family

tispy

C2

https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=IntroScreen&model=Pixel+2&osversion=33&deviceid=787b156950dc4fdf8da6d0edde78dfa4&version=3.2.183_21Jun24&rtype=T

https://auth.familysafty.com/TiSPY/printIPN.jsp?screen=Signin&model=Pixel+2&osversion=33&deviceid=787b156950dc4fdf8da6d0edde78dfa4&version=3.2.183_21Jun24&rtype=T

Targets

    • Target

      7c44519e51cc203cdd23f27cefe7cf99de34abddf947ba55951721725f15aa57.apk

    • Size

      3.2MB

    • MD5

      2f73a6fe62a8ac27d658f15b1dc9a287

    • SHA1

      a40118f9d9a54938e6e261ee242716ac3a761e89

    • SHA256

      7c44519e51cc203cdd23f27cefe7cf99de34abddf947ba55951721725f15aa57

    • SHA512

      480a6c820664ce78b6284678019671edacc4cf98865e335f9816ce84507c2fe42b765db5103e27dab52605f95c5302f58c6691a869e24876df1f396c4d966d89

    • SSDEEP

      49152:pVPh+nACbPhX9CR3WHZn0/dwbDnog36hR4F41RemM3zfhVzsv5w:pVPcnzbPhoZW5nhnnHVyRtM3znzQw

    • TiSpy

      TiSpy is an Android stalkerware.

    • TiSpy payload

    • Tispy family

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks
