truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
21s
max time network
151s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
13-02-2025 02:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4474

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
c66ac8acff41ccd1a16a99b7e72883e7

SHA1
a65781f78e20ebb96f18fb913803ddfff28e94fa

SHA256
b99db609c8532bdf4b4f7c451548a82109c75f9518bb058a05e2af5e97560fd2

SHA512
31ba20e17f7926c3beb0e04f89c79583c3e883d88c0ff056b0c8f3f02bd804243d86b00fadf5f2d5f0c53e1bb7389035d52fe2b415f3b0455bca98c5b69e0dc6

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
3f30a1f4c2a55d3dfd9ace335ddfba0e

SHA1
cf0ebb21ae43e13f46f248f75c18b8fe7d5241d9

SHA256
cefb6497b6ab4852ca298b3ad8f2d5c96b36369f57a9c84374cddad77a5e33ba

SHA512
0de65b8639ea1201b31cbf3d1920a4762face33bbabb18d2a6fb12c5e94331b63ac7ab1525cb8024420224a40a5355c501dc82ecdaed24da1b361046caad8573

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
643c85c829504111dda1d2b39eb3531b

SHA1
d97ce5b18c24628ba10c8944ce91f99c972b33d6

SHA256
0c5ebaaf60126f57586b3c27c05807b98619277bd4db0c60d0662e751577482d

SHA512
13eda1839987155f4daa19eeb17f4b6f587662ea3512cfa22579f50968c9541f41f8f49e8b2e8d442e3702a69d2642e2a0b97ba021c9d0a19d2dedc2f48dc4c0

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e8f3d743f4a5101a66c4b6a1a4eb1986

SHA1
84224a0e1e252d708d0679cef6c3f0d85f1f6cf9

SHA256
b6bf925f3555b7cc3b48cdb5b54822dcd512c7ebee86bf4861cb1b6b58f78f4e

SHA512
3b2b353d5153f489e71fe3087a8133130f1937ec9fef6c234154638a3a981c7227b013b618385cbe6ef278b31bee99ce9b64381df6c7146d4535931de22843c4

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
63921b5e1eb0be950eadc95dad5bbb82

SHA1
1218986d2acd1a4fa53e4081356caa4774e56746

SHA256
215cb5737b4619507cd716f1f475a85eb677c0963a92b8424b7b8929672dde2e

SHA512
4e05c61a1ac206c55ec601fb9e4b27cfe70541e1be1253fe478cb772f8c658ae9a266b2ba75f6e35ae6011600555c8d9288874214b2a71471a9d5fb155527a0d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5962bec24614012a35693e0b9c17cbc2

SHA1
755db717ba1f68c17dd26ccae515d87e06f46257

SHA256
24cb07b65198c953d1e23ff1245053aced039acfaf2d4108c51a91cde06c6478

SHA512
9495fc2614a4877c9e4f613454398950f39e3734aeaa7c548db3f618d18aad081719c9350754a10d24ac3b8a8021786bd2fcead0ac0f2896bc8bc07ed3f47919

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9df5544cf879efdacb2d45b2e0ce1495

SHA1
4984daa0427f91405fc58ad37e37528734ddb1e5

SHA256
99b03a1c071a7332683c08c5d3537ffb29ec8255af94b92b260c89280e706569

SHA512
3f2c446a15959c34a3f6b722879b5fb405f798b990d7606eb766418d448ea35c9897db992dbbee3c9a0b5f1933b2acb824f3c8f65601cfac69f15c1e9032b890

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4f4d5175c66484af3b743160faf38c01

SHA1
71cdbe0697348a57e8f54c6debfc2861355f5e8b

SHA256
1222cb5366ccdce1e64429200fc6d411dd1f47e01df73ae24eabc17fb8fa6f41

SHA512
5389a27b17a85ac5898802a64cb7ee81834dd8d89703ce30e2a4990a3abf7d9fe44e444decbb4e8eb6f618edac47f6b6cfd2caf9fa7745bdcfd1a24b88b20880

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
73e03c476a11e844e1eb42f3e243417e

SHA1
5dabf504d5974269cb77fd8c09d3b459f6706b88

SHA256
357787bb68ab53369c1ed6d824a0edeef97f93880367f6a9bc195a0e3a6a21d7

SHA512
981cdd3b3c043cf0b82e2f0d1787ab8d4f2c005596a3eede86d2e824a6c713ed96175b379d07c565fdfa01195b931a7dd09033d259aca5a0f5330059967f6e91

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ccee9140df2eb7ab2050efbd8edd35f9

SHA1
22049f695eb52d71621bdce3d23680e309c2c019

SHA256
d8a40dbf29b61fa7ec3d67c598f664fde54ba75d4437672b55db6b032745493a

SHA512
f24b4d1d16e61bb7e9493999efc48344f0d2dc78f9573b5ec93cf2f489190fe95d85376487452746de23bd3fb5444f50e45c5d7da3f2b28ab5e1c1a1eb93f6bc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
5905e1eeacdc533f22e963e1cd0c1f59

SHA1
71230ac5ed49a36d85660f42bdac9d56e95c0458

SHA256
dcc5e466c20cef7ff2eeeb4a74b9565f2826bd18050b6936fedf18ae0c702f00

SHA512
b0647555c0703a607711976a7c7e114943515b8a4245fcef017d1ccb7659ccaac4c3671790ca119d0e89f787f5f24745879f8f0d371de4af42986337d699f3ad

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1e0d1644b9abb113e6faa67ed28b593b

SHA1
f4dfc8e486f35b8d4f6943fc2ca71d9634971ed4

SHA256
dbb5d7c80a491cf254fc32185d88b9d54aca61ed1b6d7985e0ebc12ec4384c15

SHA512
08bb08f8cf4e3aab4d7a5d6a1e7d2a67f2614d8cd0ef2949a0ff4f475d2dfd06faaa1b0af75743311d24a6f41bbbcbdd9b07d6694fc9d6cd2a5b93754bc92d15

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
342fc43733e5e83e5a3755154c24ce44

SHA1
a3e19c2da65d1b50373e742af0d12b305ab32ef8

SHA256
00b7917046b76fddc7cb74f8c4f052d3cf88569302d077c45fa1f4f117249c87

SHA512
abd5012475ee45d49b45302fc8226509da622367a02665247521a3298c38cb2980f752d973910f1a300c516976f7b05f9425c52dd2aaa7eb0cf58dd730e59d9f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d846aa33bdb1a870aeecde7f12e88b41

SHA1
c0d8441f1e2d55500ce5611bfc63b52a1fdf6431

SHA256
a6f88fc797c644efd1d41c6420f628531642cf448451eaab22422da3b83c6d95

SHA512
6e2cfc9a47e05729e7000011e7854c0ae4de73ee296f3ceb02bc4f81b10e32ffbf3af22e53abdeca35c708b728c23317e3b29573b65abee3dcfd6b2cb2ae071b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3237573082702042018tmp

Filesize
90B

MD5
69704acfcd5535cac75911d0291128ca

SHA1
a5492a7ac00760c0b9e81401d93b8a9f1b721be7

SHA256
67013d030e0f13595de374d29b286e32c1df321cc65d3b26acc02da40655993c

SHA512
9ef934534a93ee2708dcb640e807879b4d0079e262a24c937af60ee2d597f1f1d2a05250c3f44d583e7ef1c0725aea55c9301eba5cb3eee9a1dfa94a47442e5e

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4047112172924546362tmp

Filesize
556B

MD5
c09b278cae9d45d328cbb64864042bd9

SHA1
b3560f4c8dbb39c3ee03b471d6ce6c87c68e517e

SHA256
d873d22b672d4c0792c59196211a39ac7ed7d409a55466f4fd20c31f0f8232f1

SHA512
05902fec2c38ea25e90595b850ba56c9c9c825d0efc5b66a5669d9cc5a1bea2f13a03a34b26138a359908fc8ccc858eec77b6bbf6262dfef3d70c27d2b40a075

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
928B

MD5
46cb8a4e647598a82be55653eeac72dc

SHA1
0d7e8577783f0c4fb17353856c2da488e6283dde

SHA256
c122145e253dcbb6f2e9637b452398de9d6318688f06345b06f4e87cef4095f4

SHA512
61b40a2d1096f75747ebceff522de4118cb831b5f903d4af08c027e85d5ea62c0ee14d01c22341cac68b04a0d5fb3a2f430b5cf1925e9363a90fadb407d859b1

Download Submit