easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
12/04/2024, 01:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4233

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
beb43443e095c17af92e48e9e561a62a

SHA1
54e8d39eb0dca13c8630d78cff706cf1418d0ac0

SHA256
9d9bfaf8054928b511517b6fe6a650a1dd1537cf7ff1627d7d219c4341bf72a8

SHA512
cf9c1d3423ebef8b3b26e8ec5147597a09a492a348167be58712650f8e7e7016d138b9b3ef8182d1da39b618f0cf74d39118e627aad9a04a8cf1146b71e9dbd7

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
4c1d2ce28c641ce6162f8119a4ec8d64

SHA1
adff8e20d5b395a31037539375670f3df84e3ff5

SHA256
dcc7a0b30d5fc9ac2150b27d3247a2a59aa1ab20b787b36de239ec7a560f3b97

SHA512
01b06a74c7e93fa1439dd7cfa97a62fa0a33f9a01d83b1c2132e06efb88071416cbfa65d26ec29543343e95a12b736076cdd4fdd468ba030663d0e7a07b18f25

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
1a0f2cce140171ec4afaacf18ebcb62c

SHA1
40862fdea8d907bb2e228bdc7d4196b0c26ad85c

SHA256
e2b80f68f2a17b1abea8701b210a0af3a89a8918a4bd482e87c61b67bd10b96c

SHA512
7b888be89350f98814e0403bc3310dc571b78b03c8b04bfa0641eff4664b3e6410778577dad99bf136e1893f7f9d318338bef0fb0e5341f21b32d91f120dd1e6

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
9379ef516cb038b1252fc41c9a551087

SHA1
18ece039922c767ba19abca2d1951a4803efa5bc

SHA256
376697847c4f3c0ff1b99ba63b0bad56777dc49762d7314e1613d1ad5f33e523

SHA512
a4c174aafa423a376c890ec1c75f05f605c46d83f46a046a679a63ad0f6448b548144592bd60185b51f6f860176cba296beb0a5acdfb6da9bc11e75bc94033fe

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ca17b92e532e6cc53d08d6b28a685f7d

SHA1
180f2e1265a5a441bed304bc063019081ea80319

SHA256
4e9987dea9ab60bf7496bf98340a38c10c184b1332037adffd628b61ba605a06

SHA512
9fcb6c925d6e6e5a59352ef5e1d2158388f335fbcae3b65d94e7de04f95910965ed28a6c3be687fe714623966ba51a2badde712e21434a2664dd9639de088322

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
9db7894cf695c4768950e9f3386ffc4c

SHA1
27b77a2fc9fc55173c70c0546414b08ebe7396db

SHA256
99bf045a6d2b2beb4d00a7d54404c260bb2804e8750ee72a63bc49029d9db1bf

SHA512
da8af3e5f33db58e7ed495d90d49ea42ac1ddb6cdbd27c86a7557aeccecdaee6a1b583b91754941df60f70ced8234cfffea3923c1520889279ffd0788f0910b8

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
da936e265fa184456e63cd1bc3f37e75

SHA1
97ea02872248c67f7a1715ffa93287535ed40852

SHA256
7a253e89fa9c59f2c54d12d3b606f48d8af0bb536d6cad41de4203ed27d9f875

SHA512
f4ccf0eab16074f13a87c2b8e17ff68a9c96a046bc6cce5d81b3565679dad51986979c862b58a905376cbbdfbd9a1e5c9042363c2da14d49066db5dcae6c7b50

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
978b550e83f980aad0d039a7a31068d1

SHA1
869c9d8a604d359ffa2eef85be7470914ad300c0

SHA256
ad32bb42d69fde610f72ed8d0ad7d45a24e235a6403b123f4091ee8381691cf7

SHA512
963bf666609894ef3f043d56789a3288af3b57784047f666240b9f54d448decf364fc867309f33eb5b4382f4739a75a49cb054226ba33fe2a8862bccb2d000b4

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
47e30f30177867301bb1f1dc9cdd048d

SHA1
eac8f280ca0a87f498e3331e876c1c1a260b6cdc

SHA256
84b241cee017ec0c40e7d1bb5cda8297aadc2cdcdc43b168f3d65e8859563d15

SHA512
2de59d4084bddec0cb894352b8c1a22eb96185493843bf10ae8889de0d7f1fded9b3353aa5694c5348f123ae05a03100a7f90ec71f8219635504e59dd810c901

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cf16dc05c5adc7e05073357cd6cce70f

SHA1
a1a7065dd1ba45ae3e543cd719122bf1f9935614

SHA256
c672a1ca5279e2b9c3d193c01657d969e46591f5a0fdb0f9905b6e0fc3f2f5b2

SHA512
18ebf3fe129aea41fb4015a808328928a66369547067cd4e274b3a4a9ab7ebfdbe72f074b649636d67b03de57e3f32b725d40435f8ad73c86cf8950a202ae899

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
07d1b8694ef078fb9738f0f4e11e7e38

SHA1
e1b989d05f2424cbfc5d712b19c1b9ad25178850

SHA256
f299a846c3a23bc5b3bc8cc7787996bdc677cadb1f7cd639024e88b557cd5f69

SHA512
a89312f28ec096054d989d41aec6553d9d8cd63e0fa39f15b4ead89998a4ecdf40055ebe619126f8518da69e674dcb04214853ab186576935a5086d7277937a6

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a21eceab295e18e96e1733810d41195d

SHA1
586fab8e1911e148ba04621ff33dc9ea37a4937e

SHA256
eaa027e095436aa2a1ce4df318b1f37edbcac2d67cfe8a4293c8c3605536fbb6

SHA512
3c2d763ddfcc3b8440ee02fa2ddcc7b11ecacdea583a4fbccfd44915ea3e3f2a9516dff0ffdbf002d68e76ae85af33a63b810941e30d6d8d2a101458cad3696d

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ade57a9892c105eb146676b760e41e1a

SHA1
4ae761adbe22de8b6979c1e3b6f9129ab8ff2c11

SHA256
273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6

SHA512
aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
592de8e192e5e73dfcd34576624cd171

SHA1
003187da30d0ebb341325fd0866b6b6bce6758ed

SHA256
671c745ee54a3b33b36cd8c6971b37927a1b59ef2dad5b27365da99bb9b08ddc

SHA512
df0d95e160febf0b3df5ed381359fc7c1979d2e6fae9af1805c4a693a062808603024dc0edb6084cb71361d8e6e3ff3857bf69f2207a2aa17e9efca676f17a42

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
440c265b8689765e2c10c05eb9ba75d6

SHA1
80404a04f0546546f160a53b64caaeef1963c7e5

SHA256
eca0d4c09f3fca031e5f91924ccc3fc960e9ebbf8a1aafbda57e6627c370e800

SHA512
65a8c43b5527a368221708592732ba2cce497b9013e46ab3a82a6b56627337619407714e3c45f6c46e4f6208afbec2d334e17f9d2b1cd3c8ce995b82e0899bca

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
709d509b6799faeea7d78b0af192fe4c

SHA1
01460cf9c8fff8938b3ed1dd6d8e46c6904a92c1

SHA256
6d2f46c2ed293524f3dad3779ed140a7f00eb36f2ead59ec293d62acb388502e

SHA512
4ddb47e5636526cf7e155312dbb9542679de0753e3cce7f3c7374b4ce0eb6362e1c1e4eb438f9e22bbc399b997fedfa2aa6b4b10be035257cd51ac66a76eb7e2

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
74be1318ea9e4bae0e5209c1eaddeccb

SHA1
3f43fcb4538aa1533e558dc0cc8d16edb8be7df0

SHA256
30e34f05b0e56c3c3e27d6b71752e18d6cd2dcda78edf531ba75c56e369cddab

SHA512
cb823da74066645272e8d876694fd2d66f7abfc0e9ad2fb22512bf73a2220e58fa823dae830472ff9aab54c80b3df11365b2a7ce567deb91566c80ea312d1293

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f0c8c8bbf13fb4eceeed4b6074f2826b

SHA1
b91703348e8dacb2e0912e92e216cf19dada973f

SHA256
416d775e441ff8606603439bab84723e7f35dc62aa2681d70d2c4707fffca917

SHA512
88dcdd33f0431301c347a0f92d154f1563d58a569a809fc88a2cd0f4ad7361ed882ea204970522547f2730ca0d843910f468e7ef6b88c0afadb29e46842e1b33

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
673614508d75b89b6f983e53c1f51596

SHA1
9d34feb2879144b59795027cf6695620926e5974

SHA256
b9f746c3a61668756ad99310d4279a90d0ae5c35e2d9248b6a415bd4dd10bc83

SHA512
92b9407d7a0d4689e3bff64886bf6cd54b0b74b084c6b302aacdf688cbdff853f216de26090e328b01a024cce8e45450dc7a549d79186406fa34d87d4df3edd8

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2fdc7c0ea15d7990c217dddb7a3fb4c3

SHA1
91616a352875f07b6e0c318d130d05141a2eba31

SHA256
362ff74ec921902d269389af25cdebcccd2ffab37202d478e9a215e2af15a56c

SHA512
d471308e77db8bcee17f68a66592e685721fa899286fb4b056a2455e2b535f16055205fe382b6e5d537552beee9a730c41b0190cf9f7fc8a63d0e1ea0b2c7ede

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
325cfa97e6bfd3c4e569ad705ac29ada

SHA1
5ead4d85370d2451ecbacab98a065afd729a3c6d

SHA256
c36749f8e04bfc3e9dd5177d7924e261e023b3ef41f62b64f30b0f2cab399c8f

SHA512
67806cfc4ab67f19ff3cbccfa786bdfb42584da67b1f2281364de97c74b3da5e1f9ca1f3f275d4c6fb118363b8fd52872bbfcbfb4bf8690748ae4a28c4a44e7a

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66188CD8013B00011089587A0D2E6FC8.temp

Filesize
438B

MD5
c884eb1bea86428749355e9b8bf6b688

SHA1
01c52a502851016f5f2c6c601daa6d511b506e1b

SHA256
cdac2526283d067a20e7ccc061d6b16c00ed1161d9e892dc78c77b628ad4e4e3

SHA512
87fd141e12bb294232e7d938c8f274d7d44108a430cecb5ea9941a2f38309c8e04ca48a91589e6e3c21710ed326e9613f6e839451056fa4be41c6db69768de26

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66188CD8013B00011089587A0D2E6FC8.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66188CD8013B00011089587A0D2E6FC8/report

Filesize
732B

MD5
9f4ae263e132531ffd347e8dec4a244c

SHA1
547a161957015f7260ae6535736c150e3dc086d7

SHA256
bdb54136896b47fa055fd7fd0137a9de6e557cd1db4980511cb0c7f44c36503c

SHA512
6239e7c07d94151aaee44ed952d9e514ebbc86145d8ae2aa58e7fdee0fb215ccb8153abd8a6af3819ffed0cdce85521f5d8e752095965767061b5b95cb064390

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation5055938087492145390tmp

Filesize
90B

MD5
c3cf58771c1f3daedd92e51807ddb9ed

SHA1
daa4ec732b41571e47ea28c316696a5a06cadf69

SHA256
ef3f15429e90c0333b1a30c8a806b6095a479ff242674cdd1484c41645e1241f

SHA512
d9c0a8030e77f21cbc9a4acc30db10ad89e0dd11e3aa31594470837fdeadef4dcc46ef0126a4e3a5b7efbac2076998fb04fd8716fb7df4f4ba13e62d946e5fc3

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation6348265830780496406tmp

Filesize
564B

MD5
978cf5ec459a3eec0930ea5e5dcc2ef7

SHA1
91a3e3516550453dddec5f2743b834426b609bf3

SHA256
d83eede337d7d1366cd122ec88360c171b8932d873dee3c81917afaf4c741dbb

SHA512
6df66eba6fefe6647efe24d533d6f5ab8538103e4bea98efa203c3adcdcd6e74eb05fec176926860da83256ff26e3fab58a7024354adaae1e7024fae81cb61a7

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
7171bab5f6824d265acc6d3687083849

SHA1
4a144bca0ed940cc097f014e748bc22e1f903359

SHA256
41809e4a9e8909293d27aac5f4dcc50abdc118018fbbd195ff9da2a7aad242e5

SHA512
134cf44e4dac23a9d4bb0d69a1bdff30b3b6166a060926b332c13bcaf85a5269af4de71cf827ff73b7213ad15f7740a384b1230d42d53919d911b67b7abd716b

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
28e7141d302df0d23abdba87eb130e89

SHA1
da5a9311715cf4f27755676653db97919c1676bd

SHA256
d7c392487d341c116ac29515b91fe7c52c1b439f6a350d422ad07b9ed29ac582

SHA512
d7ff5af1d3fa44e017fbdbac919c83fd8d4a654c7722df536e560241e7e254a24f0cdd6db8eb6b5eed425c1f495b3669ce09daf0dec56a1a4f0f3401244a44e4

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
4b61ccb6c31efc45913aa9e607b08cfc

SHA1
a68551d1a805f1a8e7cf8ba828fd050911e6bb93

SHA256
5a3e6cc9c1a060b64862f36bf8f29d9361045a1ba33e1b90adb5be4422b79861

SHA512
2994ec8653bd6cc97cf7da6a51872b3fbb1697c083ce21d093643187f7119098d8414d737e87bd8fb21d0eae751e174716c3390e40dc1b3e25d2c63467073c41

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
7270f0220130586e771ff62781b558f8

SHA1
56b68dc8eb4d4494551a46dafba5b7f91276b1d9

SHA256
ad2db8cde83e771ec4d0cb19ddee30fd761db15079852d5f22f1ac5fbeefa843

SHA512
202d4d2418e32c4302688fad425fd3f55402a1101bf501f6f61e4dc26e826bc167958788130308a8d0825e4ec1c79573c538cd2fb5635c2a8bc1ffd996159078

Download Submit