Analysis
-
max time kernel
47s -
max time network
139s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system -
submitted
11-04-2024 02:01
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Checks memory information (2 TTPs, 1 IoCs)
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger -
Acquires the wake lock (1 IoCs)
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger -
Checks the presence of a debugger
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD5e636a8d8cf5f2c4370e4479dab8d9241
SHA1c2f43ff6ee6fc58b19f9a094ceee7a57e87f8b03
SHA25671e8771c7cd90172dd93e20e7d761757a5cb7ccc43e9a7eaccec730225dbe7f2
SHA512c438e6ad580ddef7bdaa8825420ba05f0bc0e2458ec8395dfa7fdfa9bd6645acc6f702f7f69a4041929e5f08c6ca3b72442466c6fa97ce98074916b57c7c78d1
-
Filesize
1KB
MD5fd96862c39705e861fdb81a832a2c61d
SHA124e495dc01977f5fe3b7482f0c623aa6d1f2273b
SHA25606081786fbc31acaa7bb70bef8859070199b9ee4c981843bb1d0fb0fb33ec7c1
SHA5125935a847b9c990769f50300762032ff992a5ffb2c7fae7dc3308aff13dd61b54577e0f0cf4b6c9f6ceb3ca8f7f3fa6c0e0868893ac3d3982d088c93a05f5aa08
-
Filesize
76KB
MD5247a9a1ab8a9d50b768aea16f443ee52
SHA11b8ef45ad7df4db30e70051835585e526f7fe488
SHA2566c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796
SHA5126285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f
-
Filesize
512B
MD57150e908188903464868b42dabbfe137
SHA1ae1b33e004b9fb9c4c948ff8c4874b318efd8f7c
SHA25629e7a897dc2b7d018de4972d7d4f36cd86bee67d0a45f207e270112c5a7118a2
SHA512167723f6f72bacdb379bd1c7ff81d6ec474804cf801c16d5034a8b842d775e38da8acdb37ba1db7baf575d82052243eb31107c7a2c30406ab882173803f8eba8
-
Filesize
140KB
MD5094c4bafcff851db26e92d8d3cae97f4
SHA17540a50b83f06949c186bfc7edb38c349e283980
SHA2565bf2d197a13f6c6735cd5c59f70bc8fa20239e6dc24fdf0cefee155651813f67
SHA512e2bed49ed901aaf6b22af8eb95d07cf7d219da7ea72e87757690c78fc496ea32f607936979c6624487e6541cfee9f0b0f3b34160425e875b6dd4c8375fedfeb9
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD50508d3e504f05c38baba8009a8e5efa3
SHA15300ad05d9de182f65dd2fa3e4c1cb724454d407
SHA2562cab1a2125aed190429e61651b5bb4da6720fe70334deb3bdf1f77c15ad099f1
SHA51229abb67305a59297f36cb0c9a3f0befd7e49525aa0ebffe3013f81f96a6e96703fd1cb1f08e8723793a5826cfc9627e0c381ad517c7f99d809a7c258047184b3
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
52KB
MD531136036973e76a80bdd71663f959bf9
SHA12397be4a7149a0cd0e8e77bc97751b654118fd5d
SHA2562e7d06909919b4ac51fd0c8ea7838025a32b6ba5b4f5d49fea2f6374fd8a3228
SHA512c63cc3a23311057e1320cec7502b71ffba4e2863f4860f5cb0920d95d9cf64dfaaedaf1be7434162ae75c3c2daec765d94d10df658fa5164f3ef9caf997d36db
-
Filesize
512B
MD5929e0c0ca3c87b9865f7be18c165746c
SHA1fe03021aebc9aead2c25b2ce639dd682fa51c28f
SHA256d7875191f24855ded698e3fb6bf8347134cd9e49a6023468bf0d3a1812fdaf13
SHA512222e7675f3dabe158f8b3c5217ed4195758779411268a6c702abbf46c5405a868c10481d53caf26bbbc0380700e02ed374c77baeba6cd0f5efb489acb84e7444
-
Filesize
68KB
MD55c541a64dc98bf88b73dfa4174f95dad
SHA1149c172ccad30190158aa086d47bb81bd57f03d7
SHA2560b1a841e03fec198e652fef8563194b00d856d9e2e955cc17a0696f642521771
SHA512a2fcf21b5b678dfa98830abcfaac51b349d1c4f204b6f4c294c06856fabd46d6eaf88215620369f48d77cffb227d6ef5b3f209b3eaf3822c44c47d0006bd8686
-
Filesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
16KB
MD57efc23f6f894d319d71c1dc4b7d8db6a
SHA154035e5642b22f18c5990a0534b21af01c3145da
SHA25648af929ec863424d16c3d5da4befdd398f1dc874b752531353003687330869a8
SHA512b181b9c9a97813c1f98520d486705ec0d266241e9509aa7ffbe7f8ac0497f4c2115e3cdf714341a3c002e062e47a4e4df5955f0761cdf029f22d3ba1e38e180d
-
Filesize
16KB
MD5a826ce52a307dd7303483f376807866b
SHA15fc7888eae524cc154a39ef4791aef82034c6f98
SHA2561fee3ef74dc328236dd4fe25051b008ab1080ba752e300039f812bb1f082bb0e
SHA512a4cb26725d9e4029eb1a72ab21e0c96a74d863154bdcfd155038c3f54840442a663a685450b24f0803c7ce66146c7526e74bcd23908ced5229ceb8a8c98ef068
-
Filesize
16KB
MD5f817a5b4fefa20195bde043911feab21
SHA14a3d2f03e6076d476051d159bec557e845d57b23
SHA25657e85778cfacc82d4477f3630555455b93386bdc25055e000f9350431a02bc1d
SHA5123b42f4ebe0a721d71e4f04106343a593f66b7d07468bf8b2cb330972b64e4e6bdf2a483c3227240fa5d670402859b7997405ec9f84ac1fb79bf2a3abdf85f104
-
Filesize
16KB
MD55f6e7c3419852246956dcdef013a9ba0
SHA134cbda14ff780a7ba39df02bbca25a73cc41a055
SHA256306c188a4b099a6d646e2fa95677dcdc90b566846ba3b853d9aed9e3e06cf1a5
SHA51243ebdc4612b81bac55afaa7bcb428be0b34119b453b84f3b4ff2ce4b9d94554c6225a42fe4d4037518b3336ee6b99a7a586bce0b9b50df39bae5d4e46d2a7aa5
-
Filesize
16KB
MD5ade57a9892c105eb146676b760e41e1a
SHA14ae761adbe22de8b6979c1e3b6f9129ab8ff2c11
SHA256273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6
SHA512aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc
-
Filesize
512B
MD56bf72aee0175d04a7195626552dd1a98
SHA1f3c23f63d4ac120b75f5ccae55a2bbacc107dc76
SHA256877e15dfe8e5ebf5441cbdae51580bb7686efacec9bcc4b8ed040432451806cb
SHA51254120ed2170635023af6c70b8dc280f77d6ad34f067a85d348a9b159b20071e80cfefd224f119814b4b11f4adc25c5b208a300f0dc1efbccbf0f18f412094bf5
-
Filesize
36KB
MD5d3e206382df4bab4a364aef013288fd8
SHA1588b380c7ace2f5ad41c54f9f6d116361eea0678
SHA256491473fe627e9376946a8a577423712767043c0f83c01df04962bd489e783d79
SHA512b4893679b8b6c02828fdc04e19c9323c4e27a5758daef6149dca336091bbd5715ef4a5cf5db31da57ed368ace73057013657fa049ebf260d79a0003455c21284
-
Filesize
4KB
MD546ee0d9503a61aea93b8377539b86185
SHA1eeb52b55ae5fac1201daa4b67ee4cebbd870a33d
SHA256e2c66d95682c5c020fca37f8d6750f30dfbd5d63156fc3b3f011a433e5f0b405
SHA5124f868a13a70c1b75c4a50b954388709daec53e3361eadc00ff4b0baa9e9fa9a791c60fc7261e2c911b8c319439b1c73376df4cf840fb76b72d7e45a15bdadfd0
-
Filesize
4KB
MD56446f559fd9dd8962b3e2e9efdbeee9d
SHA18f78eb27bddcd074f2760f5fa269d73df5f8ab43
SHA256c430aa049fa3b4ed6ea055ce5602c99c29484b0cf3b3947e4b0ee33741e09808
SHA5125d0310e370852f1f4541f1c99d348ec7157a6983fc5369c5ce8eb42cfbe93f0a994d1e0f789ec606a863a018146488d8904fb8809510fed09053f4f051cbfc11
-
Filesize
4KB
MD52b08e97977f128222f1783e8b039c648
SHA1cd9619e1e1008aa23cf4e22f38c766f3a96ed3b1
SHA256cbbd5d8056430c66b55f37a047a8f6d3dab2cc00bf937ad26067d240f11c6ee3
SHA512cafd2c6494ea1d5a92a932d4371ae978619e3b6aebdcb00feeed66a02e1f6d1d4a7287858a88cf7d3f38b9052ceb2bf414f48cbbdc4b1ccc6a2701154f34d2e0
-
Filesize
4KB
MD5cfeb7cfcfd33576c0b05efbda12909be
SHA1b9bb30c4fb6cb3c4c4b65afa89c66d49c807be36
SHA256f0077d0fde84381166984cde9387577ecc9cc712dacfede30be5e4abe9cf4b43
SHA512d093599ee4ca6c1bb76de50caac533ac93045f3ef3ee20a63dec39d5c1787d5e56050ef104ca4799d6957e13a4e8ebaf9e028c2edab12cd3504bed15cc402c5f
-
Filesize
4KB
MD54df9c5dfbe5a627cb9cb50ced41fce8a
SHA1dc71f37d5f2cbd36f55c23c48cd98026d250319b
SHA25673c98535b549b21fbd4901c8c24b6b15d89de1fc10664ad5453277094a72cf4f
SHA51265c94d80cccfc14776fcf511c30231563c052fe54533f2966d6b2f4930effa41d933ba89f0897d448981eb8d26f2b4216a56ce868ff278237c6a69e5ed7762c9
-
Filesize
710B
MD5435cd56779f3b672dfe3d811c45b46f8
SHA1ceed15376bfe0db0b32cc2210f2983d3fb0d80b2
SHA25688750cfd9a726d709d8e172374090c5c8c0fbfc78ec7d468bb02c565043fb7cc
SHA5125665138193b40c70b48e0a13641bfb5c13382b240ef0b48c9d490950a964ed927985c3d55f5362c2b7c30cfdfa48b93a35c954a18df5349c8fa276115c7e2fd9
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6617447B0281000110944948330624AA.temp
Filesize 442B
MD5 d12d13739326a6659c1dd9cf3227c245
SHA1 bf3cdd4ca1ce04a30d372048d033a214ae30f409
SHA256 1d5987646acfd7cfd59bbbf4c27f0ab7bd7c634aba5b2192b639fa501803a479
SHA512 4fdf0e7f1293115102a4b6636c66311128298ba941866db6fd28fce90ac3dfa7a2ca8aaedf0f0daf732715fc2790d494d373dcda2e09e0ca9e8e9c8fe5fe1739
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6617447B0281000110944948330624AA.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6617447B0281000110944948330624AA/report
Filesize 732B
MD5 033ff116748e4b233d021690fbbef037
SHA1 0b0dd79502950c920fa8314a77098984a1a31488
SHA256 5c01bbe1bac399041f563a63123a47e7427197433efdde7821838fc070e93d06
SHA512 11ed9a21a3eebf7eca6db90ce1170b6f3a7122f858c8d3698a8807c41f4b8ef6f2545abe80445c1f0d4766f748f6f175e136c1015e01af89447732dd9f7fd6fb
-
Filesize
564B
MD5cf48fda3feab93c24765dbfbbaceb90a
SHA15e4c100b0f8db99b6bf40e9bbb67c61d066a21a3
SHA256dfe3100857f0661cd86765912ce382e499ffcd2fa60c25d48bb03b83802bb2ee
SHA5125cce8870508849b74e0dedfb5b0942cc6b75960259711328b40a964a977686041c67fbe76e2d91cf2cef6a00cb014ecdd94a0ebfd0f956f1f8c39da19de21dc4
-
Filesize
90B
MD528184439f84ec3b497a65f1e16aff075
SHA15131162f6c7915b63f9fafea013be7e8f7c2b866
SHA25607ab47bdcc861f69f806c5efb50197e786abdf5da15e2a6d10922b8cf37c352e
SHA5128e5c80c99ad965626313dc5c6a66fea340246859df7a12b727e22e287c6592987cde8d29100ed0e36719b0b68dd5ea5f127787df0c9f196febdf674baf55cf19
-
Filesize
36B
MD5bf90ce5d8a9ddbae23ad9e3f9354d319
SHA1a9b7655a733503baf75369a9a6df6d9737bb308a
SHA256580ea834b9a76db89fda177955dd67c29df707ca1c42a890135df75f3975972e
SHA512b8407cd1f023453db507c43b963e181d5ab283784a4a177995351bb7f34f2346f172450ee046a052cf7aa95ec6f524e213af1966a8ddb6a90bf79d1216ba341e
-
Filesize
512B
MD52a864bb58b9a04898d90373459bbc8b8
SHA17d143de83157dababc238aad3fe3d72934119c24
SHA25619e88209b1cad1e5b27746de5c0c186c9d027cdeccc3ae7b28d3a4e234ff1582
SHA512f242f1f87d599b98fd0eb8250a0cb42ea6b3e4d3adbe7bdb81ed5138868c014b5a207cfe0ad112ac1c90706e9c480f8fa1b371501645fbe3c876a0f71c588c67
-
Filesize
16KB
MD56d51a00fba955028699483e65869a477
SHA19fbcda0d3395ce259bfe50ff50fbef427f12a7bf
SHA2561e6a011fabbde23a564e2f1a3582e493af3f0bca7b746856d34683f9b9ce22a7
SHA512d4d3e3c6310c3515a38e50be9db024ab8d78c1233fc87985d1f721b010817518b106dc656455819f0d0d819c646b2a372e544392227a16cd92587333d7c5c259
-
Filesize
108KB
MD554a41e133a6085774ff0810909b662cc
SHA11646224cc495ffa0f00a3dc23e8402cfa4a7906a
SHA2568d8155bf8e8a071695484d5b115a02012f3798935432030182dedf3a44ebfae5
SHA51280321ac90e27c420b5e7083c542cccb3a4d0a616211c2918a034bb348020f654c99ef8ff7aa6c6a38848beb7139b8a49a63a056006e3ed96e219921f6749633c