truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
22s
max time network
151s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
07-02-2025 02:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4449

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
170495b53c5ec96b64ed5d85d27429e1

SHA1
e522a04a89a57961daef9adf08a0755f06fee513

SHA256
ad33ae07e831628fdbc862cb965162e90899f9e88cad97d5d488f5faa37e280e

SHA512
b9bb7c870b5448ae0eb73482c8211d8e89a88413819fef70e809fdff01294d5f715055c46332195854443246b1536a1118dbde90597234e9d23935a3ff3ce89c

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
47b1603accb6597bb2b40473d1dc888f

SHA1
9d6a983e1ebb1602443b3ca124a9a818930d3651

SHA256
5a12b7a0c10c943e5d9f35369bc100fb2d8ebc599592b3afa7ac923a61d9ec6f

SHA512
f5a301c4429e50f05d1a04e7f13103148f481d20117f2dd730193b139d985ef2f923863fea7da78a70aa5a96ff1ba6bd3a4adaa6cc5c4d98b653b60f46a8769e

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
390ee3aebbacd834b4d2fb9aa6d6940c

SHA1
c56d3d33407995265655569e131b3038c104bd42

SHA256
209a14148562bb913ba1f44896ad76454cf5353cba8bcd7704e869132096649a

SHA512
ddb10165c5103122905cdec7c048b841c7641737a3b43434a798fa42910a14a4c4972424d20b4f8de0ea2bd73ea6d2fe437cd370eb5f9bb7a139bb5f08f7f067

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
6a96b007a7e5a90e56d894b7622d77bd

SHA1
fd98c7bbcaf6ec49d40942e1fdd2df2ce1ef7c70

SHA256
8591366d57cece2873431e0ae4cfba7db573b6310d9a00f7b59770b21b0648a2

SHA512
19348db44d3a38cbc0c2216f4d65d88bb0f70bdc36cb0191f836b5c823ee90fe8f2fa3d6a8e5d4e957813a0cc2573be104acd363c002487169157dec4e8eb02b

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8a77442085981e24c10b57f1a751ca96

SHA1
a14c4b29d69e4beabd63f3e0503ae5d6280ba5a4

SHA256
651aea498024fc725f778e3b0e0bd7a6e94d01e58f14d9aadae2aa9ebe50dafb

SHA512
56cbebbbbfe3918bcf756d93a5647e22a0ae99aebc6596adb6b535a1221d0d5e9692602042db9cf5505d474bf664d8af8febd82a103648cae9420ba68c9ce73b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
976324b51216811bd10304bc387a501b

SHA1
b6a08ab52a27771f03098fa0bab3f57f0d3deffa

SHA256
578cec87e68ecfc1f1ec01ca264bcea6030f909d47f6d0ed48dae34a91e82b7e

SHA512
019766dec1e8dee5747f00aac46f382c2bd0ce05908dd4d24508c4c5dde02485ce56972c94ead743485d18ccc8c20e6ff623bf0f8866cb02552d5863b92fe1ee

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d59255960742a1a18b1c11a04e76d75e

SHA1
e2f47c7370fd676e6b7c5ed8e26ddf278ea47ecc

SHA256
2f7759d90ce249a58e51f04c9d43f57b5c8862769ab700eb7b68e46d6e1f7527

SHA512
e2707fe02636a38e04edd7a6f4f4dcbffb1385ba233bf00953b708db58ce64dc1fb52220c03ffc1f6b0af8e998070bdeecd01fb1869a894bb761caea1249169a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f6a6db76c92eaed0319eacff54f38357

SHA1
cdd405baf610c8e9d9ef527dce116210915ff98d

SHA256
3e76c1c87554bb2f5f61ca92370b185febc87cb51550873b33157d99b9dc8e3d

SHA512
cf02679b6d44b4392233f485f47967f44f856b6e383103a09e1d065eccc510f3f8f5c5c82bd2d85bc7077dbc0368a9bf8c157193647dc049f923360b92ad3803

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2be8f19940784429b54dec70592addd3

SHA1
f9ba6442f585cad081038ad6753442a91a4cd511

SHA256
c1248984638d89dc9fb7d358d14a12b3bd10d1d806e628a2d4573589cead1462

SHA512
3dcf0ae3ef47b9b13cff741d26247759b3f6ff170e8f8d8b1a1c8dba2ae2717585183dd7cf4a1b2185cbed54a4937eb2f2fedc667faac6161143cb5cb13a3e84

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
fb41d81253cd6942de4d2d4638dbaf47

SHA1
08d2e25a1f20e6f5baf3888bbda48b1a53ec9efb

SHA256
899800011f0937152424d390ee98a0bd6c652b6fc4c8b58d3495b20f4429eb98

SHA512
772af2a68081595b66c8c4a9e56b6ad7ae42849b4b9cfecced2f83f0b07a3ddd6cb3d44083306d856007f7e4d3586cc792f2f2207f43a1ba9be4ee993df87235

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
00b32e3ec5ca6a2413f00fa6a2ebd4d2

SHA1
fcf78b2a5d1574638497009c22b47f1bf36c5b8a

SHA256
336776d52d25da26a0ca1158e0fa19405d715613570d7b97a066000fe4ea845d

SHA512
eaacdca7b0cf7cbc898df36f63eec8da56709e317f8b110328eebdb5fe781693bd41a8ea497c8e2f4b4b43c834da07af441a2a3e731c10817889934344251434

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4a8f8592df5d05e0916e8bb451f2eb99

SHA1
7736f711e8bfdeb050d5e82f09406147abd84ee4

SHA256
2e5a1cf447e68c18c131144ee09cd82084add38e17e2828fb14a626e5479477b

SHA512
59f9b51f5a286e8e4c5320758e3b74fe4cbcb404204da20ab77027cae1df4f478c17149848677dc13ff0b3a4f8cd1dc164ecb4cb7778669664799d17e2e2402f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6b9b129e38ec844e4396931039055d3c

SHA1
31669fc051a7658241b41d043e077d683f72f510

SHA256
e747f144fe62e0b1ca6bfffc1eab7eef4275d00954968249410eef696345e7f2

SHA512
c2836334ee7a513d53eac1dac71c8a054ceaf1cb6403e25fc102d13e8cb5b5e4ad978325021cdb01b5c8554285e6ba7670663a1b2e19f6ac6698907a764104f9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
61965ec82fa250cc3dc002cd2677ffd0

SHA1
e18ff3bed9cc6c6b6c59487175d2fd6e3236fbad

SHA256
3acb5943984af10bddc9ea84fdb17e84b29315c342209f68676004c0f55e608e

SHA512
e7354a225edb764f7d148f17a3f4187c5c532b7345ae23bbd5403ebaedae853a1a83e3f4c4a620fc9918b83740430b944a512ffaca8a796c1c19b96142b12e51

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1053555981498287038tmp

Filesize
90B

MD5
e498ab2f8dda8c09df30c4bf6d582e60

SHA1
2cf03050dcb6719843e8d4e80d3a77444607a334

SHA256
8b99032f1df72e86b3a300d8e07757dbecdda0ef791f33d897b44d3de89a46e3

SHA512
8a22a1c477249e4ad2babfac9aa6bab4b710be4290177d556a643a6ae81fda08a771be8b5e4b1177fb94dc65c5a5d39cf74f74322e7489e49a17b2ac7ccc3bb4

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5040340422131392074tmp

Filesize
556B

MD5
0313a954f036d7e641b572a5da0387e4

SHA1
eeddd88bc3b2765f15a0f49e4d1d9fe822558c8c

SHA256
5e11784ace5acdeb5f8715148c5af57faa5309eb2568a418dff36a15b6769551

SHA512
e8d0dc0d1b2a3272f20f15a2e4e8e74adc050b46b8da864bbb867117727126ad4190226cbcee3d61bae6b6d33ef67a7b87548c81f756e8bfd438dc9f7d24f83a

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
6361e8b363b1a41bbeac460a3c162464

SHA1
66532cc10a3c64753097d3a6d164e300a55bf2df

SHA256
4e86454db427d732e3a5fb3ef45d01c63aa3480c78e6980aa03aaec2452e62b8

SHA512
e5dcd837a129bc3b1efc5a2ed9bedd1824df748349d257c047a8168f81e95da2eb86e329ee79023621e39cdd598c925ac11c245b623d60558d3e6a20373685a4

Download Submit