truthspy | 92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
22s
max time network
152s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
04/03/2025, 02:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

10^/10

truthspy banker discovery infostealer spyware trojan

Malware Config

Extracted

Family

truthspy

http://protocol-a100.phoneparental.com/protocols

Signatures

Truthspy
Truthspy is an Android stalkerware.
trojan infostealer spyware truthspy
Truthspy family
truthspy
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4507

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
9288073e3c6a714ae169a7c4e6e0da33

SHA1
2f8e4d270024112d38da401d301c756a8f3e8a77

SHA256
0f51040bed4f0419c9e2392ac8938c95fbe10d261ed4db784697424095e40226

SHA512
3acb9af828a13cf4a7e7aff09151809738e01d5a757afd8d9a9765ffa330a2e3e2f19903a0b3c40b2054fee03fbf7e66ef21d48e1ec4d35c91569c20fc6d04d7

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
1473eeb153d7870a8f54b0d2c629ba76

SHA1
780f4f81a42652879fe27ae629da7a5e9e6b474c

SHA256
4e14365b99f5b617348fab967ea1dd53705e9b2094e2c98302912943d6a2289c

SHA512
da988c8ee49e1e679af61ee60826f2e94bc08da7936e1fb88c6d6d9446bc6c5f6095fb4a759a44a3685a2df80271fbc9ace013b25ba7b5bbda003f6adde370fd

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
c6b993cdef4516fa5cbacb6e3dcbf231

SHA1
b4fb9cb901a50a4ec037aba1fcd790e78f2a3904

SHA256
390b6472c56066d3eaf7f4c50772c48b9eb933a662c322fdcf54a5bacdf3d3c5

SHA512
772940de61754083a55a85e51d5f99fb9ab873fb9e7fdc8db93eb1f5c095353a3f925a1c897f3116aa01e52bb88652f2ffd90c2ad03fa67b0c22e0f5bfd97626

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
c789a086cb96e866f12924f3e89b4fa5

SHA1
5358cca4622a3a4f4acda109278b92411c50f747

SHA256
ca624524700b9124df094a306eb38a36e84ab7d6bc0ae221a85d151c4b939148

SHA512
7aa0a6db5d0764f51628778cbe2ccac9730dcbad63d82361cba38921068ae6df7a6136e18b10633be4c360a65048d355b298c21cafe8a8f06cd3467d57991052

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
88d6edc5ba923f4e3ff48efc86338108

SHA1
73bf9d7cffe52a10b96907b89b584cd27c901d6b

SHA256
21af5411b80439b1bf8e37546e498c984111f2424e3e68bc690bb4ba7ecf0383

SHA512
bdc72cae1e44b9cb0023c3e23c66d3111345fef1ce9d047e40f30311da1d49d582bd16ca357398a1b76718eb9614ddb1ffec9647de46ea91601f6bf37703de66

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67d475fb9d2960f4d208c1b3498593e3

SHA1
95502618ac346b60bd647044755a7db7f7256937

SHA256
526ce9eeef2eb096fe02ea80cd8eecfb215366fc3580735b34251aa6cdedb1fa

SHA512
c749bab89628d08bdc5a38f5616126ce647e63d85a940debc3ca13d62115a77f17c4d37e1593be6ecad72b34d6d007ab20c1ab208f6495b052a2288c3f919567

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c48cbe132c688990ec72df5aa3f58060

SHA1
3d45408298e7fcc6f83d4454c35f4493f9380fb0

SHA256
cadc9ab571caed1eaafa85794c7a229c9fa6099abbd6d9c7616449c5aeaa1246

SHA512
388d33909e0aaf05f2396a4feffa33ad91c8f5fe64a17d6d02f87d8a25f21baf4b0e1e3b133c5eccf082719e7a82ce28ab831839c7dd6507690ad519d90cf33a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fe2a7d5fa26008dbcc888efec338af94

SHA1
6cf49d7810076b16427ca1b0816241753a7f6339

SHA256
c8a8517bf54717e4f7267075c3902b5c18629afff8a073d7196b08ed6832ca7d

SHA512
79859bf7685fecdbfa791f7c90af8a35278ffc489fef85a26bd1d0dcf5eac9eb127bee9c321f80bc41363ea9e6b82bf6c2cc0a4498bf452e59c9e166a63c2105

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e3f13c7d7678604e5b293f6672bc0ed1

SHA1
b16c998ac7ca1db79cd4983b207a292ac1d96e21

SHA256
486eb5bec4ec277ea7b334a0d0e431e5e62881d3462903e8294640edbe96b2e3

SHA512
b63bab85a373912587e78dfc9daf8b4168a223c7af08fb87de8140d66b9f35042052d2d25694e4ea7c9f2064107e5471318b6dcec39c4e3dc0aa352627fa09f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2b8ef8e6b2c56b7fc6c988970dbc46c3

SHA1
b7ef436d47469abb4b89ff8c772183ee205f2ca3

SHA256
d877a4123609388024fc02bdf0d0f659a745fa33b1658df29684322190dafa99

SHA512
8740eaf9a61dd3a2475da3f642c5db912b4ef3e200e100ff01a6367d558caf181ca0b09fe4b5ac44b00b7410f944a0cbe78864a60b86b07939322a1d66118648

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
595dc7197c11596fe50b427c50077f3c

SHA1
3b4ff0f55f47d12113ea21ef43287b328ac8c095

SHA256
0986cacc2cdf07fd3204174ee89ab21b97167c9d7471ea0ef6b7b21a29f4badf

SHA512
9f81f791cdefb36f32fe12942a656a1b1af7c71b9a7f0c88d3e18e27d0858e1d96dd1ea959d074693b90b5901e09ad7cd714b8a90f8f213dbc585a2f66dfea6a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
73013499d5198b404391992dd2aeb2ee

SHA1
6535b8c28200b6f8a35ad7c40d136c31fd815dd2

SHA256
e5fee8fa8a86718b8359b058e8799ee7093b0cdcee04b8d2d046239c8d48d511

SHA512
95e4eef1d11eaff5c76b3f708fc3993f92b0f36ce1b837abeab3972bfc70da0ce8bd36d4fca74f6fd76f4b68e6078d4dbeb81643a92c2c53b15639decaa1fc34

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d2b87b284827819c6c0d361b9c097843

SHA1
1f87afbeab47034bb6bfb7a0a270b1b4bd317ebb

SHA256
181cb549c6ab695cbaa4e453a7ae00715d580e03b377c0090fa88f7d677896d4

SHA512
9246c87c37596418cb57b8d146e8199430796ade8d91f5f0ddd548c0878160492d73f02408e017eeb08006db791c4181bbf1db48f8ef44330b06bd368a16920c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f30c02e26c8a5faab25222411773cae5

SHA1
cb2940fa5e664440e8a3e3a5a6806436a4be6106

SHA256
5847c6791b69f6bbc8f4969c3cda0ea45232baa4b4b81c85b7f0d5e46d14f351

SHA512
ead57426486c9c7d5b224f2cf115fa1110155b158bfbe862ad5bf7bdb1a056d15cb22e5ebd9337a840d65a31e8edc036b05832549abb381750fe7955e30117a6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
308e57ad7e2d8e1a9b6d49a4a7388ab6

SHA1
abc6fdbfe07a68f92cd5695a0201cada1e73f298

SHA256
9407a84e7b07c9150dcd4eec49240eb25128b5a5b551c6b2a3122254a5dad4e3

SHA512
1072916a902c584ddeb14a42bee35ed2f35dff5534ce4651e466ee6c9ec07e782c7eddb9a8e5c0df58b50536bf9f29ec1f668eee322cefd9a8eca1fa543d2508

Download Submit
/data/data/com.systemservice/files/PersistedInstallation541249592374059291tmp

Filesize
90B

MD5
e0864131c007652ed5428f8b8f155964

SHA1
d48c6da5a7cf64739153b77b67cf24bb33a51da0

SHA256
6a0753097a11bd538a8a3c401adb75d26ca7bac59269756219ecf37b1b177e72

SHA512
30efdf1ab07b5c2b0109bcc8c6693a6f5e7342422e802a74b96c955ae1e13161ccd513edef9d52e80d6f142ee8b3182ac331f669a53f0c11c767f0e62919346d

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5929227109249000528tmp

Filesize
554B

MD5
bf59b84d120c41db812cf9f7a8b15f16

SHA1
547e2e7d0ecc5aa4c7ba8bdc54f0c4ab3b1004c0

SHA256
518649dcc6b9b3942e4b774e26046510a703ef6cd2d1e491d3519c051b15556c

SHA512
3a5ba70b8619ba5451dbafea6933ef4b851765c6e3438e44fd3ab73e4adcc385330c3f1e25150f66f5ad253b9784ec9cf5b4022f7f1b9711c8b6b3faae59fc4b

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
3a8d30f5370e8f0466a9b5f3c70a0ae4

SHA1
59102f19104e516cc9c56d81b7359b500e3ebfac

SHA256
11aa503fde46bde1d30e5565584611f97150fe449cc69710c9137fc746f03418

SHA512
fd317ca4b64525fc8bb5bdb597777633f7647298133eb4a557c1d682f7db62d010d8480dd24b2f0a0cbcb5781c0c4c67461a1d763d8da0d11298d86042df6bb3

Download Submit