truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
22s
max time network
152s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
16/02/2025, 02:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4507

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
6c611698400ce41033f5fdd165a36585

SHA1
858ac7bb1beb0379474fc111e2333b8abbba9c01

SHA256
373f75a354675e6c65c34ee126c9524f80f85c9b2764fa5c7501526040d5ce94

SHA512
d0a00910f1d07ec4bed5173ec2dab2a5cad426fc17340bfbd8e3b4ac1ca1ec18feaae7d0085a0b2bf2a1fb83c591951e65846d121929fc547cab81fd3944beae

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
83c532ffd7fa8c1876edcf2c88b3a06c

SHA1
f994a8fe4c82a08eb9240098a8dd8e6f237d38c7

SHA256
6467813e1b8461e49757a3d539453a17e284454f79e2cba79a2093ccb061f85d

SHA512
f2b818492056b802cc7cbe422cd1ff9e7f13f7b232ad345aac12980d1cde94c9a631686ca2f941ed12aba112dcb575b3e05efb7bd91fe3e98e6ef12fc3d69979

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
a4ab8ea1538eda436e66ec6b1e3633ae

SHA1
6a5cfc8b05b6cb897dc0e26cab78271da327a2c9

SHA256
8c19d1e8ba5989757659e58ba90ad6f5a24d95b7085010ab6911efbabb803447

SHA512
c8a46d250e2daf5ec27d1c32555d4ab66bb04e81719217e85431ce8134c7e6deb82628c32bec62f1d1dd98d33bb8683c492de2035e6b00ca03e6b63d1cf2a0fe

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
b02e381adeb0ca37d6e6e85ba34e4a35

SHA1
c61398a246674ff15b60b10a0d775eb7f8feccd2

SHA256
ed2c59ddb424b8da09e6492144111414d3ed7b96d5f265a0cbc4b57c81b0c934

SHA512
e6e44c0ef0fad0478d678631c21d3a16b94ad79eef0ad4d008ebc659d181e8d5c2cac1dc1eddd85378eee9da59c5d3f1373fd0b30cd4c96c6ee4e47d81a235f5

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
15832e1a0094c5f6c5a6dbba27133852

SHA1
80b5a47c714d6712a62f310f31f3d0c45eb5748f

SHA256
091eafe792adaf16c08aec19bf8c5480ae4ce0f203dddda7726fcede6234f589

SHA512
ef8788dafd0259e5140da01390e47ba8e602d2b5b04c5f9e9fa201af1ea94410c07a98dbb26e0902bafe26c8556566e2afc6b62ee9d56d62a4751daa7a44ce6e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
872ae41b9652e1169339218cb25aea1f

SHA1
52659780830e285930ca18e2627d5bdc4267da56

SHA256
7242806edcfb4abe04a9f20c0dfdca35eb258ae91e0471dc810aaa232f35f6cc

SHA512
4dac4ab52d351b836f77e02be8e05dcc16f480b1d39f2ff26ef1227a6859e0e7e21b781043a65ec348bdaba0f28729dc54c3f7ac2ac6b36c7d06f621e964dc1c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
59365f29b56ef396847e0175f7a4f0b0

SHA1
0c55445cc30aceb050c8968a60079555ded71c08

SHA256
13b321a49e5311f441eefb121e5070f9d39cc9bfe4683a5c24b7a23e59cd18a1

SHA512
ab9ef20f73b9c198ef489f4be287c3c7566afd6f7f1f2fea2725f4da6e645d13907b7465caaa352c3e6f9cb47f6d66ae148b66be5585c3ff49412b0198a7f2ef

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
942d563d5653c7a1b25e6060f3d18780

SHA1
36431dfdd4a452f37335b1fa9686e24139b33584

SHA256
fa0d45475286f824cb5538bb83e51ea49c71f773f81073aa501676713e230a05

SHA512
bbc1b67ce7f31ad4ae15735cf1d54aa2c919893d6bf1326c255134b9de9ac62bad9e2f649ec9213e03aec06b593f7085fda996532ffb4591b0cd8effb3afcee4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bf309a53f24af64fa8fc240ef6dd7959

SHA1
134ffe0b557b3c3ff7ab4fb1dd82082044fac5a6

SHA256
bc46a56acfcaffcac792b1d8fd09c2df5c3cb3ef013578376827120c5662a70e

SHA512
e43502841d64b12bb61d3e0b4d179bfab67cf7194c553e4332ef3a62600b3300a0482d05bf9d31882eaa6b1cfb4b38187bf6b0856b545f1f326ab277ebfccbff

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0106b43735a84c40205d82b97506b85d

SHA1
32e11a6ca0669fb321d416f8f4b0509ac17ac0a6

SHA256
0b0a8c192bdc7c1a421f3c61a4b58b64cc8a2275ec30eabfe5c78e7ea057de74

SHA512
a96836da17bfe937c409204454b00e32e7bf9ca2abb008c69c51832d5b580236a4861daf51e2193daefffd0ac3fcd882113be12d7afa919448fe567cadf3583c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
916284c64f9529c0c7274920d27a01e9

SHA1
ab1d113bcdb5b53e7f2159c24bb34181662d9903

SHA256
dd5f9eb171faafeeccf285917f18bcba0ed2991046c5933f65d0be970e425754

SHA512
3700e7ea6006083c995071d351f422b10cc612f9b852fa42480ce31c53887c41130442451d2aa44e317413f340431961bd5c480489bb689cf4341fcd86e9fb3b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ae0367ce54313947e17f76611ef2d690

SHA1
bd9e5881c7eae967a1b0aefa8bd080d3a78da2d1

SHA256
d19849d20028ddfdc21a4b5b3c60efe96739ef217b44512bcd15f778f55f57da

SHA512
d565e2605dcf3cd80d25d755b178a82724f4088676e1c3a21fb064abf487fb4d2d8638f91cfbbc7695a3daec014024288b44b574364b98ee7780bd0a9b3c1718

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
225deb8bc0ec5d7e2be1c04bde8b354e

SHA1
bf5fd93ded900cf1ccbcb642156b37121968a896

SHA256
cb02d6ab9994c5dc52216b12a3b417d3e7c4229041a3ab84e79bcb762330211b

SHA512
5214917df39c1a19246333aa604cab7cecf67df90e28d188b996e1c17bc076fe7dcf9c0956bdb5347cde91fd676cbb1b0ac57923edada45e028b5a20161f5150

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
222e44c791d8704b718b5267bf523f6c

SHA1
d0bbf9ebcc9992a9c7423251e64c57da14426d8d

SHA256
f3821122e7209af79f125d55bddc5ecf2a67fb2d78fe0d22492b231c8c20b3bf

SHA512
78b8c905e6e78799e27beaee19b6c11cbb48a3ce53c87a8433fa6a1b5e1c1c5cdb296f346312def2c467b4f787b1c24f53882c12072f1096d48b8d653ecac2b3

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6980809876115088489tmp

Filesize
90B

MD5
270a42ec5589c5979d5c954aac1616ec

SHA1
6cc1b90d73a9776ed50102a1e35f4fdb8760fdbc

SHA256
4bb4fd5e3158258a2873406b05bf1535784adc2c1292b6c9fbedc0d34fbb7035

SHA512
9cfe7ccb78d9e071a51dacb368851c359a222820a1b1b786e2b39e24dbfe9fca68f2788cab53718f255771d68179d46b08d57e985b610c869ca4ed4c284998f4

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7716826373079646240tmp

Filesize
556B

MD5
7fda6bdbd4c320fe5c83bd3549dfa0de

SHA1
379dae5deef046c96df0b7107217e26bfaf206b0

SHA256
c27568b72e8752e905d80034dfdb934920476c40d63a0e968ff6701d11bbee95

SHA512
f99e30c72e8d75e6bba8726cf642a61486e4456aabd8e7333790e3c8ce5380627635c8e590e0015c52061c830482237a6ecd8d8517d0853d4d7fe9c3eeaf81de

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
928B

MD5
b99c6eb1cb0ee8d6fcdf89788fdbf611

SHA1
fc8fad44073237b4ea18a97dc59f04be780aa030

SHA256
9f8a5856e00fabd63a861f01d17c6f2cb87c68b197faa1e1f42b5ab3a311ad4f

SHA512
c57b6a6de91c6025451f14155c4361ca0810e9b527e590d418d35e12ab39adac93436deb0c6110356fed222a5d1ff327f29a59b971fc3408fac807ba217ea3fb

Download Submit