Analysis
max time kernel: 16s
max time network: 157s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 21-01-2025 02:34
Behavioral task: behavioral1
Sample: 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Resource: android-x64-20240624-en
General
Target: 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size: 3.6MB
MD5: 0366ae0abf0ada8aed90322bfe07dfd5
SHA1: 2f0779ce64f02944e87674745cb446c5bc620607
SHA256: 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512: 52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP: 98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc
Malware Config
Extracted
truthspy
http://protocol-a100.phoneparental.com/protocols
Signatures
Truthspy
Truthspy is an Android stalkerware.
Truthspy family
Makes use of the framework's Accessibility service [4 TTPs, 1 IoCs]
Retrieves information displayed on the phone screen using AccessibilityService.
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
Process: com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]
Acquires the wake lock [1 IoCs]
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
Process: com.systemservice
Queries information about active data network [1 TTPs, 1 IoCs]
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
Process: com.systemservice
Queries information about the current Wi-Fi connection [1 TTPs, 1 IoCs]
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
Process: com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: com.systemservice
Downloads