easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
139s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
11-04-2024 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4271

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
2e79f980a30d629b1e4bb2550097c337

SHA1
b0bd0f17e5888b6682f3b974f9a9ca26421d99b0

SHA256
a69b4466263a1f8752ece86895bd02bc2333a0ac068654a497a91bdade065d67

SHA512
952c52a97d69e1f78b481d3dd444da62b53a859d1986969fd7541ca63773434ca3d53e7b11280dd630496f5cac76d6a188c9930cd9d5d101c063b23f38724e99

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
be3d9fa34174e72f409930332ceda963

SHA1
68d05e4cf986513a0ae52743a80026ad22022308

SHA256
1ce447ac47bc2e13a599a5d2baa98a28d6ce6b287d7fdb47daaff4403491a169

SHA512
5c50a70dae51c66cf7e60a66f48de4501f4f12297303d93a4159cf2ab6d6bb8ddcc391c07b74d864caa0a614459f5bf00ef35d4fb2ccd3ee7825c7b3e07450b0

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
811575092a599802c5ffb4cc008c5578

SHA1
6dc868dd20b8febcbc404c2b2870f357fb4efec7

SHA256
2a34dbb9b2819603279098e30e2d3231f470822cd9042742efde93825aa157ed

SHA512
535b557f18587c889a4413c1a352619caaf74421f0bb296ea333b6711a0af95fed9394e7fc0de5473c0fb76c366cdfc7e78b82ba1e291caa90751cfb58043832

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
8dc62c4989b9ee36ab94a0eed2ccdc8d

SHA1
6dd8f3d63a26736160864360e3f7f86c167ef2a6

SHA256
0330cd63197ee2587c87ab9319d2a209f4e22896a4d41a3a13b4622b242fa5e4

SHA512
2d880235fb000692d45bf6adba1fa16bb93ba9965ebc755c8749f9ce3ee84edc793ee7d145987c0d88d9bfdbf7534e958a6c64ee7014bf5e456c092b8c21f9ce

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d230778bd95d7a0533432337ffe94c1f

SHA1
c711bfc2089fc67cd0ac655978ba90a047dd7adb

SHA256
9303488af5fae30b8e2c70aee8b64f578e8b0406b1009f31ce6f60ec9adf8fb9

SHA512
62c6f20ac0580bff7dd39fed689bcefe25ada3306b196bcf63877205900bb4999d27c764150de2fe072a8df1c2ca5b59a70a4e513e64d6cf8ace7c333ea49796

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
53985f888d2ea72b14f6e775fbeec28c

SHA1
db04b9327fce3325c4a84d999c40d3e536973331

SHA256
2019a303999301ca35c5a4a48bf32030e979afa4bf2fbce873e0dd3a3048c6b4

SHA512
1886b5a1c1c10a8b53fed226a00cf34350c0cbd75b59ff9f2bdeb25318f3dc5f430f38e72d32f978ddeec3187e3b5bdaa818c5cb16be44b67276f75fadfbedf8

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
6a5be1800e68e71c08b2cb24644abdab

SHA1
fb9df72677080e53338aa176db2090fd82a4dc52

SHA256
be5fbb9be3d178a26954286eb6cb1697250adb7c84bd569b9dd099ca4433f49a

SHA512
0a39ac26f546801c7009093b931787ef565dad5d8440095fbf3342c438c38dc12e29b5327e8301a276d596cea061169486c66ea7f603263b70b39c78ecec4700

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
e3c075ef62ceb79583cea0deda1e59a5

SHA1
7b1efe71c70754dc8cc4f8d24ff9f47a2ee84442

SHA256
86410693981ec8b37d94e86522c54f1bbf4787824607026fc3a6a2c7ede5fc47

SHA512
8fe4bb96263e21e039b548dc3baf996e4c8ac9c7d96aadf7b110680f30f7c8d591af1f87a80ac82a19d481cdd0b9572885fdd00af4cff1adc7263a7ef9951643

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
efe7dbc795d13618f92aa8c72fba6f9f

SHA1
a87c11b974f5ee1501b926ecca4490ec429f2141

SHA256
0e28cc24330df787886eec9abe056c469eebd003eacaffc39e076eab9ab72682

SHA512
801693b8f07ebe52ec4ca924d11d93377be454f609a3e0eace090b097756f17cf9dbd1a301c6445bea036ad8316c3c25675ed700c9d4db1c16afcd4eef884a9b

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
03621fb7b6680bc48728e5fa6b89c364

SHA1
f0deea00dcc378984f8fd2cfbcdb3764c40992ac

SHA256
89443b1dd7477873c69af796425ff88fab0a80b433dc95b91b168127eca01fba

SHA512
0c3113400cba3e89b01627f409e0b781b9c682d157bc1e933b30268c68089f4514932011573d579e594bf86754ecb8068425c462797f8a68dc6ff4ce1dd06475

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6a8a0332b324382d0c4060182cb6f839

SHA1
92d70791f5bf3fd5ce67b8faf4d8f53f7965d532

SHA256
24f10cae5d7c05eaa6e3d9744c1e57918a84fb062a05e51cbefb72b39ad926e4

SHA512
f029e4e9b0ba31532d5d670aafba700571256952b35510c14a6a8ee568d62cd990b8f97133d81227498e8387fa937a69aaca38f3c273af4273a449a07b600bc4

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2515c4c38a8818057c518b181fe13883

SHA1
b38b2db03cc6cb37695da57f583d58aa8f473d0f

SHA256
50dabd362e30ca6a79ae09f945aa7aa7d68d91161437ab72564601ad033e25cf

SHA512
40bc3bac9d2b93687ddb468e3cef6d32caee06cccae18305e48b491fae5b03b348691d20b728ff3213f2e274046a2e722924ffb851a9473c3d91e62041929f92

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
87cb9139596742358c3c3c255a7eb83d

SHA1
4c828cd7ecb820c49388be23f7044752b2a799a5

SHA256
3efa205c621cf97960f5c1b691931bf0b983ceeebbf1833b6fa0f9b1391a1593

SHA512
7edce5c507f0c3efad1c9fbc7da751a2b11de32fb23e52f21d18cea525e1172ffcdf71198884a0a5c88d84e3268d8125815fe88f78743d9a2b2fb4982a841b2a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
548516f99a2cebb91e410ebde7c09091

SHA1
371c5a8650f6db50fe95db9150236968fff85c92

SHA256
089890ab7c47ed67d6beabbf20fd78ac858d809026cd6265e75871ffb3a2c60a

SHA512
dbc8df0eb91ae7524d3deff35caa6aede5052dc84a4b2e8a63e789462a9e5ad302f886c7a1c22eff32e09b829ccf512e5b6c70e50a1e3d8434321fd6401f9bf9

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
02aac125c01519403393207e4151ec0f

SHA1
59a092d50ba8238d8208f4cb5ec178f672e10d16

SHA256
d111f5dd03f51010646b0e67a6f1e68acd5e8e600532d4b599b821722cc5d155

SHA512
274ad4253d5e435d826979be4917bf011d0f2e30bc8c97f0480e7dfbf1c5944c528e80ac53aa48c402d7507880d12836772637c8e38a51108f00eb7b8adb209d

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ca379cce14d3cf61e250dbcdb21d74b9

SHA1
1ad6810e6c4814d15f945d948949a182577d15b7

SHA256
8fa5045224fbe6ed58f17a47e824773f4198321597f5a9bdaa386a28f50a5f4f

SHA512
a1017d86ec3257ef3243771fce5887cd2545c7857c8137cc1a084b697c5dbbbffc03f78f9d0de18d2cd4f6b1e0fc4c39e55d293fb9369bbf279c54b6827f7ee7

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6d210cef79c580616deb377212ff41b8

SHA1
db58d4cb4188ba9337648b039df510152cd50bd1

SHA256
09a5c02e2ab6a44dc5cb0abf1cfb7312336b79bfa95806749b12ec2c52845b37

SHA512
1a0438663b3f7c6e072a2652e1b4d89c61a16d77359f90d4b5a8356957d6801a323d2f53065727bad19ed4482fb7d7e69f5a5e4b1a4ddca28aa0dee6cf185831

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c2921c3576397c4f461d0f45688caa82

SHA1
89dbce54e970a9738352b22dab8fd254bc766338

SHA256
e4727efa0fd31638a59ce621604b29d453d6f0e06761a1dc11438f1ea971e81c

SHA512
e489f187f44fd890436aa2ffe0deb4af3c70355fccd32747c3dc32cb80caa23d91de4c00020bfcd8c1839f62aac8c07bb58f23cebb4fb1bd5b6400f897d1d0d0

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
aea28d598897de42a37b44c249621ff5

SHA1
a49c5f69c13884bbc1e9f8b9db8dbd4cf0be3563

SHA256
a8634b7d89b45f91e53927712302c523f767be4a33086b847fb99230f70c5304

SHA512
d200d17f5af2314b2a05cf9c973efce17a6ac348003e491d24830cd36e87720e30b4a00e045cb1188cc15288ed042779c525d72441772d9d3846276daf72b8d7

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6caf1cd9e4de94bfda89b1795ce7421d

SHA1
5f3dfe9923ae72ad405b93db7bf0d3558f68a31c

SHA256
3c5526fceba2b408da6af69ca4d01e6ef0714661ad41e562eac33ee1ed02d9dd

SHA512
aadb22c3760c28087b448dd99eb6d59153d57f391e9da6c725ad377790acaa00b7c99f0223e24a17aa37c3d0291a13ce93958002c6458222ac50be7b7cebffae

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
40e02b095439f31e8c65d5db48d07bea

SHA1
269eeaa74ae371c01927452b0e83d501971de511

SHA256
80640f514c51efd14592e835ec2c3596c0d2fc53307dfffadad86d2c4958a849

SHA512
cac9659662ca8ad2f01f2aa4028497f0b964bec7996378cf3a6f95c094265d871899402613657cb697d08542fe131f5f93c067dacab245c97e523ed6fd2fc8f0

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661744A70041000110AFB482255A5DA8.temp

Filesize
438B

MD5
6d911790d810622bccb808e6e8e5a426

SHA1
fe43bd607600910152283e8aea6e551579b38e86

SHA256
ecb6079081199b3d15a0c087a9d67e907ce64219c6113133ca8b0dfec8f5bddc

SHA512
d4413355f34a1be29cade2afde670ddf54756cc845c42d4e3a6e14ad6a58834e0a318b84dc78159a2106656ad975a90e65ace0da5cea83b10fe60f5471e82f3c

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661744A70041000110AFB482255A5DA8.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661744A70041000110AFB482255A5DA8/report

Filesize
732B

MD5
af1236bc3e3c4ecdccd89d2d5e6838f0

SHA1
7780c3cc62cf6934920bcc851ab9846c26f0a42a

SHA256
bdc4a9dec5c59b3c35c77dc2a74fbaddfd6ca100cb20223d849eaa2d81c460d4

SHA512
a38862cea46b44832dc0d0137391ade89b79e7604caae526b601cb679146efa0c82f1b2ef4143b6e60a46bba8a253f8229b4f36a778ea89900cfe9da1f60f1ad

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation8375333544108387797tmp

Filesize
90B

MD5
2ffa2200fd3967737615c3a353ba9791

SHA1
f58544c77658614276afbac56bddb71ca3226d3c

SHA256
b065bf94a443248115dcb6e52dadeb03626ac6fdc42e4d66a0178e1dc1e36b3e

SHA512
3a5705dd18051f3a843521a6a811814945f3f03fad22448fb56faaadb5279a6f470b8c47cc973e75e919f88b33cce8e06a1ed4d5c033c0925ed670824716861c

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation88927201656361730tmp

Filesize
563B

MD5
6c6298514cd3900386cf4aa0d26b850c

SHA1
f90f541f82e00ec82ab662f948977dda666b7197

SHA256
549640aa821d07a3a9f6e0cd264fef87b34ab3ed8d4d91f5999fe3c546d88d7b

SHA512
d4b4a98facf33a20b9690e04ee9495fd342c0e5a1306138a5bf30834482c77f57d7cea2e0a1a49f4c740c151ceb93ccbb0fd64af7ff876a8090e9c5e7d57cc14

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
16dca5b1b40dc810f9fc81ccb8529051

SHA1
73980023da52374058ec70f19146518f50fb5905

SHA256
becbe7918157be8799af90444fa5fa2ec2f4040563656df9d2dbdee0b2deb279

SHA512
8381b0af40b1e5f3b70372d2bce54da534e7ded7744e4515f1d33b57311292d085224a38b591b3ba3f9bc7a96599526a934d817c92dd73b0a9845ab82eede846

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
1ae9738c9b33e1a5b3a489a8c753e419

SHA1
940b188028426467db4341ed04de2d4e6372fddd

SHA256
18b2559a7211d9d8e80dec7bdcdd6a996096b5573910f6444c60eef42db0e260

SHA512
2311fe3824df25253158ea4978cb3b7f0a659b5677216b6630a41a94195dc620e4b9f18c156cd72c4e39a10fffda9caba011c95532ca0b71d1b720200c30bac3

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
8a5900d6822342eb9fe0efab11bec8d1

SHA1
4d89f95fdc683f53b18c544aac20c4373f32322e

SHA256
a561c413195b6bc712b7137b616eac21ac1f001c7328788990ea3a8ccc96a7b2

SHA512
35fd4f9f39fc2d237c0f17534fe20296b23fd111b4b6eaca9c47cfd85c1c6d9a03e180e466cc31b172fc3c837355f1c65eb2017dbc7b764337272473be72052e

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
b975280d6ac11a1159db0dc10d96ff09

SHA1
05a28595485301021a891d26ba6d240df7fd51fc

SHA256
212bc4adcf6c85792dd71ac9ad2415d18a7899ec46db7351c7b918a16268f875

SHA512
8b4064add125f0b91d7c9a55ac7674c07b7e4573a6eea2fd4aeb44448ddcaad7f15f99cc895bbc3e4338d77636ba79fd713fcf0d80c7f6aa8cbeee3ccb4b1d91

Download Submit