truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
22s
max time network
152s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
02/03/2025, 02:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4487

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
7303f5df396cf55bea187cf05cfa10cf

SHA1
13858652e393f349e183ac891a0982f7835af168

SHA256
48e12828fa445805770e146fe4f47f26c5d04ddf2fccbd6cb863f288d86f3025

SHA512
aabc4552e459e0eae5745aaaee6dd11e0666201d44be2ff87cf3724ceea55e99c4b5f61155e2057785cc0397207178b0b2161dfe7a8474b31c864a2d488a5806

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
fd20e7b1608ba4b03cab51c33a3337d7

SHA1
0b395ed4e19a5d0a73dcaaba81bfbdafe02eca95

SHA256
4c931da1e42f738ed127aaee5cc1c3ebc00453bfcbd668d2ca530274cfcefef1

SHA512
0139a4cdd0adb71df38fec9ce2ce1f3ffcd888ef8d2b3c28dd54ef5b70e019be9649186a76dbb51b6c31f61c19aa19af971d7eeae10be5f9768d4a1830bd8403

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
aadf9ec9bd6152dd586d8b1eda172e87

SHA1
4fc08728123fdd3e063352d9d5c00e3ef912b4ff

SHA256
be46227c99d04aa44cefee8b96dc0250bdf35f3955b1852d829bf18a2c1c457c

SHA512
9fe6eb3976bd3eea46c5316c727c05cb51fe0745a45260948ea721422e3f39dc16aada584d26e68d71f95ef9c9756587951de37a791582b125ec7e241b2431b5

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e939e4b84dce9a86bbdb5deb33427927

SHA1
dd599c7028ca0da4cb45b57e07465ba64dd4ecb4

SHA256
2cd2e1b1d6255058e5c70282d5a6ba8228a38e0a7b911f349cff1975d16648cb

SHA512
6d776d2beab54c0dfa934d261afc7805fcdbd47fe36fe76c3d670109c0a3fdda9629571b67cf160d09655aa224f6ac98a57914819c2ceed3da78273952e8c773

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bed634fee3d7040dc1f3b3c5e1f9db4d

SHA1
44d069765d2bf0b9fb3c067b94c40b5d265fe528

SHA256
f98173c0f79605b952392561edc5ec6211b59cda5a7ed9d6fa7f999e12b66b63

SHA512
b8274612fc537b3dc151b79b1a43ca2b4c47c61dad064c29f2437b11a437dba89ee5caf9ec914fe53db9b3aa6a52748e3964ee10dd309a63298bc6bebf187b8d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
17d2a51c9adb9287cf383cf0d5c392e7

SHA1
3d4f19dc18333c2a4e62034bb6578e60e6421bb2

SHA256
4c4174e6c6eff7bce03e8967075ac1b8970e00bef81c5c8ba9601409a3dcd441

SHA512
a683a9fa5baf04a9a3ad0e5d2e3e358287a5aa665055ab1cfc0bf2324be278675eef141674b10386a2f04879580efa46597e438ee049805dcdf6d1ded46cc9e6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e733b79355355af8183d76d3e51e8714

SHA1
b2daf6da06ee7f1ba74fa3c23b3d5fdcd989b17d

SHA256
1fcb617e1ef634090be2850969ec76ef7fba99c1d077f44b0e7f577c0441b6a2

SHA512
ea164cb5b71573694b7b82561b2cd17faa0c163675e837d71e595c583c26dab8e72556de27067a8fbcfcd41ceaa37785c7c1bdb079660195712eca075ec49d8b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a37e806a31cb8963d9b93e6050e6ef4f

SHA1
23339d66421d8fbec2c8081fba5fec9b18002e99

SHA256
cc65c636ea8869290acf7f1b6e2506301bcff8415cebae206b7fdf541fc726f3

SHA512
2da18a2319e897b642df7e9da9452fd5b97d28a24e8a76490b6e61696632c0f8cb9e52837b21ce27d2c493fd59d614076878a9790636455b57c98d7bba17c4d8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
25bdac8b85fa23c16466f143cbdea310

SHA1
33d0cba6def10808ddfc4e36100050758d06b6f9

SHA256
750f4510ddb6941a68b423191a504b1678c2da9ef9621c4ccb3562b2d478b8a4

SHA512
6e9472540f5ad475789dd3541e689437c93116c38f4e108a1f7cc91ee0d04a1603ff1a0bab7b5926a925b23f66791dd762de83863d7f957c0e0e43396d33904d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8ae94250adce6ba502f3e870bcca8246

SHA1
935a9d624aa50f343ec2ae41d7f08684cf17ceb2

SHA256
d6098a6969696556f561daf9c7997089f32fda40315a78de28515f05eb339416

SHA512
fff9ab9ac12e2cd7aa8c325ba3d70bc3f3f9f65dfa289e176627fb5498e91eec658792f41cd704f234b884f30b08f1719d3890d607e256a84f0ff3afc8d8a9f8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
e9628e74c3b1a17fcbd4070283bc3e92

SHA1
5fce10952409d4513b0c830815d2d039a0949dda

SHA256
32233016763c7a677b2b2b3de84055ceea2adf362a66e5fbbce4a43610377b05

SHA512
6fbca310b8013702e94f6782fa6d65f896cb678807ecbfc7ec1bdd3238c56ce0491d9df21a13e201d72274c430ca056aae5161fac622c4fb712b47590f5285a2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5681d9f3bc7aa42311aff3b63c34a9ee

SHA1
61efae4b3f1141947df2c7ec222a371f10193928

SHA256
79ffbe90c5931f5e31b97ad7ed2531b406f8a3a80f18e094485076932ce008dc

SHA512
2c560387d87c1a267c93a1ebb5f2eac95958605ea236cd42eea84942d6bc8b757858a9e421520f64e2d11868bd4be8b1d00686923e848d517696aeba879447a9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e86bb17b0d6857b278ceca12928be432

SHA1
68988ffa5bdd9b94dc88703e771150c536eb7565

SHA256
e587b9fa2b4134d6066cfebeb1539aaf9884f270fc98c26d9952d4283f1113e4

SHA512
77bee36a78909e8dbad8f3531344987444d3bd5bcfe36fddadd9c4c02c7473023932ef0c0919f88761b199994ee3dec8c6dafaf858b4c9f997d9470985e88d7c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8bb321202eb26bc6188417ea4ff6f6a1

SHA1
f7075f52572c10e3ec9fae96005976a3a9b355f0

SHA256
77ab9d653e188b1da6c1a2b06deb8f764f0e55235cf11e194884535831d35c23

SHA512
1c93a5d0ab2bc6ad9050d72a2dcddfa9f141f71204ae6c7cc2840cdc4ef48e232a3471f2bf701e41a1f9f7c2750ae7b9b27669182582cdc41c7bd1a1c8e101e2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1322795685807138425tmp

Filesize
556B

MD5
07e2148df190feaf6badb9c6f83ef00c

SHA1
74ff28c6b8b98c88e0f7cf5cc7c72959445ebae1

SHA256
bb6eecb39809d814a52012edf3f5ea60cb6cbbda28e93630bfab7e375621700b

SHA512
0880a8c5c402f802813e6b480e359c1d77b17105d19fb169069da4487fea35d20bbf1138c5ed87f5afd23ada2ff483c34d2d5c115cc9351bc6644ab34d9f6bdf

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7342289211445918507tmp

Filesize
90B

MD5
ff56690eae3e81d49df36fdc7e2edc03

SHA1
38f5dc063dddb2039e9d4198f8db88a82a6b2dd5

SHA256
9d15c70c3f7b35f5767844cebb79ab18622a721a7b044efd66ffe97e9b2a52c9

SHA512
115068385a4a763862492ef0dc40b3e1504e038765bb498c1f50441bbc3c36a17bf66204c017bdba7717dd101d0a1c98b24237e15245fa89c3a319a49283a736

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
f486ca798d8b144b0f886c7380c03dac

SHA1
6b625f2fe334b1159fe686e9658b03bc783bd1e6

SHA256
81408bd87871103cc84783e04a1c0325d71ec8c315b0f8dcc69eea133b5487f3

SHA512
dd7ad8693c7d74a46084e0b4d1f95daaccf324f67711127412351d82454da49c4ea15ae528a3820ca5c21249a9ade8e48e25efa173109030d08d971013360a00

Download Submit