easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
48s
max time network
141s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
12/04/2024, 01:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4187

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
8f4f7e860561817678984f8e2e50c068

SHA1
0f9de3d9200c3be33dafbd4f111e396a77a781bf

SHA256
8ddbbb7678768727f3e87bc17b998648a07efef52fe6a8259d864ebc43eed757

SHA512
aa88737a7eb282b4128f45ed4c2b5f52b30dd2af125eaf00fd199cc9c0efab5e213fabffa458d7f173e0761f23b6b4e4ab5722d62b0de7939fae6a5dcb748460

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
32f3faefa060162d9c9b4a71bede1f05

SHA1
ae3e908368c711774e3241f4edc2ff77eaabb442

SHA256
07b1fc060d178ef2081875a771013f59bdc47d57661fa668f3431ec4e5af71e1

SHA512
97cdce45a3fb405c4e4d8f02e7f070d7becd3a85fe2771b150c98d573cfd20c3d59facc96007fe1395d3236ea433885bb5d1aa39809f8dbb59cc3f175513d149

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
ee729d17f07105dae8fdc6e6521260c6

SHA1
19c81b61a337ce4ff98ff19648513aef1c3f64c6

SHA256
74e6dfa2690405c259b83545071c4e106b0b1822999f79d6ce1764b45d0e4d30

SHA512
8810e952d3e546fb687526f229886ce193a9ced9a3e91a37e8cb490152270c5d4335740f371c4dc3dcf1f775402242aad6c3d50f42c6f111d32fada092d6984c

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
9258e157389537842268eaca612d8896

SHA1
3eeaafe687a736e9f13ca4651cfca0ff338a08dc

SHA256
4d57a42e363444a441c2489572124a9802fb1a17b1cdd51c8950714aa46fe2f3

SHA512
55cd38cf1dd40631969f79f13b3c8e2b962e1dbb1e7dc3d880dad5953ea133795b31b935be13b5bd32c17a88f22eb3677b35a3eb2ac98e27ea26dce207c214cc

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ef0f589109fe0979e55e6461a9e8c2fc

SHA1
5cc7e1daf6566b6ea36bafc8b7d5d768c5484fcc

SHA256
9e65313ad9ecb876696731bb63028330bf8b1c6c439966734dc192da1f646372

SHA512
bdfe6a25545a67100a10afba4c6ac74450badae108e7236511110ef0df99c98d35cfd28cb94506e4f0b09b54cca57e5e8568d4f9cbdfbd24d65434489c522ec2

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
032c9b57600fa9a5acd2891a938fd6ac

SHA1
40799134e54c7f5014e1159fb64ade1bdd7e6c25

SHA256
b2e3dc54544ec493b0831b2d8f4b6ced691ece3ccd7dd25b40ba2b00b5d3f06d

SHA512
88a0b5f7839fab51c8e792b2507303e0c54c2d417da5a8620b5f217c6cdcd572dc0d946cb51041b22e51074e7e1cf066d2e4d97625ae096643244302fea703e7

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
2c97de50d87ee7c497797ba6d8970835

SHA1
117982ae11e9d2cf0befcd878393f137905d5275

SHA256
b30408f3473919d43731fc8383b839bef474deaee8067c53811a43920d574994

SHA512
5ee29cc7b1ee5989051396e9c898efc2bfe0135fdbddd058ef161ba1a5d96cc95adc3fdd25b74d4e2ae40edd7223e46d77b701fc32e493dfa224bcb9489d214b

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
34e6ec04df89740baac3ccba6f0b28e9

SHA1
548a624f8fc5e475694b9c161aecb77b2a78f1c6

SHA256
f68ae4a46c74621c1289c1a7b3a95da7b46bcaa573fe64dc90fd61042e0ca8db

SHA512
370b49b4e0bffeab69476d239e4885d32a7d053f929196161f76eca241170838e23339a1bec36d6a7e9f10cec692b6351ad645f0ed5dd8a9cbfe2021231f00ec

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
82344b5ec4b0e109206115cc40a06f58

SHA1
85ecd3ed5ca55204aeab8c2d96dc536d7d8e3af8

SHA256
b09c421e14c5485fa4bb6eabcffe63de63fdde32bff1838f21b6c352b6a278ac

SHA512
4eeb8de5d9040f3b59d878580befb15909b7e2204015d4d84aaf32673b98ec97988a07f6c637102760eb2b494c96f776e84e94f87f8d4f511be3dc4780b9817d

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3d9ae0e09d2d7e914a387a6f0ba8e248

SHA1
993b06da3c91e563cc2b07980df3bb88318350cc

SHA256
62f692543a5d77e32ef3119784c0c2289ae1d818d91f9ad9cebfe8b9491c2926

SHA512
be7754947e0d1e5a8a05ee58f85faf02a1274402b8820bee028862c6e433a80f91d5f8dca234561a7e2a1e88b83a1825c025f859ad49478e8e8b8141b2377152

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bfccae39b64b671fac553ead4f7c00ae

SHA1
e60e99789591223bfb7245160d64e801186df063

SHA256
faa68462430e25a3f05af0c8c7b5daa218c868ea8fe49e2380c5a8eaa5849152

SHA512
4e4a64a1c10d2e121ff2941715770479b462a8f92ca4fef3c62df613234da9b38a11ab196b8cc021116288a383b97b2afb7a1ff66aa2a9e1687ffe1b082f6824

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b9acf658813a014ab92e08786d77dc02

SHA1
32c12e813c65d34dcfd64c51ec8fed29ac6cfe65

SHA256
12e7f6e9aeb2f3838b621442b76f5349c798edf48a7094e6c3e34b65b3a45ed2

SHA512
3fd9466af6255ca6025f97aee5376f8e1e3d91432e0b47f01e3ac8d45e024fad7702b79fce4af63f4774a97e295dd96a2476db3c74b0842fa100aa0f5602ba7b

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2a12ab0e4891ca8740f9c81d88141492

SHA1
188afa64dc133d5cddb44daaa5ed822fdf3ba371

SHA256
4581a1d46a9334171ae3dd903d5769adf4948557830121accda46359da39e583

SHA512
f74e441f6a9132426015c0f0318c5f2d0b13ce01f5d8ec4744d72535102104c9b3271786811ced454626877ed7ebb20c5fc50c105f55e79811b03c466e633135

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8fd4a3cd0497dd79ce1b2bb1e7a32d9e

SHA1
c680f218668b9e0bff7110a9767a483031e678e9

SHA256
863e182643e716997e5915fa76aa7f9c8d7b771199e73ecf72113c1a2b97a7dd

SHA512
683f64d5eb4e29d56f045ee87c067d080ff6d0c00d84aca50d3177f768f00b314340d89cad5a6e4486763e31b794f271b4ad91ae34c9d953b3e60f50e2102326

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
bf1d26b5710bea4e17e0509f06335ab9

SHA1
ae0ca2aa34a6f7a8e5ece6674f13c3cad4bf522a

SHA256
0eb23de527b51c984d63fc2648cf66504d08c97aca2bcef3a60150af7f8403ef

SHA512
2ee9626e51c16080118815148cfa0be65086855d155f0bf4d003f1bd8c1907a79fadd9c0b985b59c6531afffbcbf7e9dd12c7509766824c2236df6ac294f01ff

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
deef94e4234fcee45f6009c61304e6bb

SHA1
a05a475131e84ee0847b37aa38504c8e1423a0c7

SHA256
5267f56cb785d2d7228a8ba21049c27c536126c55edeea94f09734883ef2e41d

SHA512
8e92d164ad266fba3354ac07863f87dda513118864e50288e11a07c90e7b765ecef00230c067a56cdc7c23d0cc7d6afbd80b12b4479a1880bd494cff24cd73b5

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7c3b99e56486c5affd84de3ed5b1bb30

SHA1
61c8a53634bdee3347c7128e2f7a9f7969028ca1

SHA256
a1b1388a5b551c72abc12ee5d0cdddfe1b983726664be6655054d2ac97de3002

SHA512
cc5912cd70d8af48de631a35c7ad12eb192fe4852b892e6e754a72f2824ee37a94d72ba1f461183babfe3900276508cc4b702766133d8eae2608493f3ff7796c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
83754ce7fa68ea72ac372c2f8dc502fb

SHA1
d17b909a9a973681361ff6f639ad9e450a76b886

SHA256
30debad71e37f6843cfe915bcd5630926e6dd1d3cc1828c3a1dac6fc49926f3a

SHA512
3278c2e6e2ae28110c49cb35638d40d2c7f1252576ad5d11a9ae6059d0094591d29d3488b0c283f56c4b33c6e1b93d93d5d2cadcd6e8db9c9081c3a1ea4a449c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a01135f0eb7fa7cdec0090e8a7ec527f

SHA1
3bb98aa76381fc8a3a6b0617f699d998fa86c2bd

SHA256
8dec51ac747d6a3fd30a4422b2a3b9b69238100c92b7fed9346f4d737e0c3741

SHA512
4fb667467676f879e7bc824b00b3115398dd6cf1b1d804ba6e020a7abd900105c28f6b1111edc01464be76d99ca3d7e6a2628f2e3972150ecd711f225d1ac343

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cf08cc2132315901368ad759f55bb4c4

SHA1
d2ec15fa0a80fc2d86f84120a55002f4b7b3daf3

SHA256
f077dc90d39352bf1ebb46a8f8a458c8c1f2c52b55070c6d4ff4af6cda1e6b2f

SHA512
ee4683ac15cf48cd547035be4412c163cf6f99c68a0358448a7c5f0e7b398c83a9a9e75aea907f26a87507eabaef4a2366feb5b6873f9ea176269e2ca4877358

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
2a757c05e9a08694c9381da76df279ac

SHA1
d7a140e3c93558f89da6e4eb2207e2998eafc285

SHA256
35ae616b0cb9b958ba6da298a6e6f3fb1232f73d5503c19fd428279f65a0334b

SHA512
b541d29560e65bec78fb86acc1d025320924c1e9a89b6d255142f2a0eb0b09f47511f7655623e0826e9cb75f83924f5c9b65280dc2f6a08f201cac37f72e5d46

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661894C1002A0001105BDF947F5AFE12.temp

Filesize
443B

MD5
b105cbccb3bf8bd353320ab3f5e035f4

SHA1
37a98288cbd2fff7f13c5bed3e8eda99b990bc07

SHA256
c948ad231e7eee7d3e023a27608d6f4847308dabcbc2111ae86bf8b9e2f4b04e

SHA512
68b763f8fe3fc2c503aa6bc6ec90855bc65811e4f15b775331c130ec5903419d80879029b5a3429118097affcaa7b47c2f5cdd092dc9df24340aab0f5247cceb

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661894C1002A0001105BDF947F5AFE12.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661894C1002A0001105BDF947F5AFE12/report

Filesize
732B

MD5
d3e30d13d24bf4c758c469c1f3360afb

SHA1
797f524f34856a04bb28a8b7ebb53ca58116f8c3

SHA256
8c1df5a4c86f9e7bb6e4ca2d726c2861e6268a689c6dcc98644adae8dec4ab40

SHA512
5f5cee68d31307d50d5d52dfd81b4dc2e647ece924c03308276b3880fe1c457ccb173a83f41fc44137b09a826d0d345472909a0eb2f03249cc4f8500e2ec76f8

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation3321799837166211426tmp

Filesize
90B

MD5
d111bd339c18ba9c7ba72eab9b15f93a

SHA1
8b8e8ff8a87c9c62906362e32ecadfdcf7f720ef

SHA256
9ed72bb5fe9cf2071001131082a587f65909785aa6c431e6fd13c03ce4fc6661

SHA512
7156cfeb958d526dd72ad92af9b728349858104ff94eff2a7fe1ac5bbaa5f73f0d30b2dd2f6d62ad7be80c024171f6beff146ed2c04bbb0cdb3fcfd1013ddfca

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation9109465160091643894tmp

Filesize
564B

MD5
f2ae279531f0b04ffb8135bde1e76399

SHA1
7e5715f8a583f9b3c2b71abbf256623c7c8a4bd4

SHA256
2746df644424804543a56aba409a2544ac39f8df40a831c8fa0482694f241733

SHA512
de6a4997a242dec28d29ae2fa8b1b59abc80e8b8fc91d7319c74dd32b5c8cca3e8c41a3a5324756171af92632d35339084a65e6889b76e5413f4cc1e87fe79ad

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
e577c7e1c53189112ee50eff673a26b9

SHA1
8c5af883769ff582d06882c3c765273ec5cd9552

SHA256
9e946feb488e60ccd029f413efcd0bcfdd2c4fb6979095fbbf3932119b28e8fc

SHA512
a557fa130a50e750d0b9b9e1765c048bb7b0f2b3934a5309c7934f806ea8fa952dab5e4cca473f08ca01ac2d6faf14755aed5bcc1ccfd58aad0c89e1e29a4ed4

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
00b2bb7688e71419fb789a07ca9f6746

SHA1
664286e5b99e9e88f3f1603faf699ab83b0acc82

SHA256
5025a60fb5f6bc897820a9ee76ba5e1ea4239663d6a369cf8b49c70d9213e941

SHA512
42964bd822c9ad31774f007b19c69720645434afdf3ea23baa22c277d4259e5aac7ada6e1bde6bf786ff12f1f6a777711b0c496564cbd058b0f59e96947c183e

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ec88938ef4320070b44d75aa226f3d84

SHA1
25435c6f17ea4d1df48cb1e3cc08cbd93bd85c90

SHA256
bebe21008285b50083238d5644b8aabc434a70c5b69b1cfde47c5b37050f523c

SHA512
c4cd446e7666ec53e0bb2dacebdc17bc28addad493f1d1bc9ed812a472c0e58964942adf587c940b1c438d851e72cbecf9a0e6a4e178901c2b67e5c2ff13fd12

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
c2aba446db45ebf57ab2d5e949b304bf

SHA1
ea795e97c51d7bbbc0c05b96d54e789885fee8fd

SHA256
ff10331709472f387f708c55106267ab21f6eac32e8099d81e8e2694271a521c

SHA512
eec68ef2a6951da2442120fed94b02414c89b579aac0e284e8afea30e49944eaf0af623c2689a2f077bfaa0585b233700afe0a94831518175a95994e2c927f4d

Download Submit