easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
13-04-2024 01:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4227

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
d09519c86233b8fdf77489209eb1944f

SHA1
9eb4905aabd948a804de95c825602be7ea11cfbc

SHA256
ce0120e6bbb9e2cde1026e47e37fac7ed12b92813475aa15fc1e036e676e1d73

SHA512
227316090b563d8500bb441724938abf506f6cdd17f76557ec185506108fa869fcb25e60df4318f22907829af0b7ef2711ef452fa3376b47556c07bb3b6ded8a

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
d7301c43dcf2469928f2ee7bbdc3d3fe

SHA1
c215021dfac33c05d55e006620908d84c1dad100

SHA256
a72e6bf09edef3b0c2c2736460eb1f3ea155f02d96d07b1b240288baa6b137bd

SHA512
710e4e7e15316a20a4f9af8e4245b1a9cf5deca1f98e68799b011d06f1eafc383cb431c7487042e12ec0f5b9b966f08ceb0e8824cdf24bf39c17bd12d81ba6c1

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
5a7d15c6421674fd649bf79c00bc18b6

SHA1
37fe3324ab9461aab9b770f4b108f6290d1f3dc6

SHA256
f3aa9b706cd3a49a8cc076554419b211a522aef15656d5cd25a606839a9c03cc

SHA512
4ebf4d74c503f363c32035190c9ed0a248b311974a162b1d58e8c8dc1beae60ad5c5b31d7f881a635f73f2a1a0cc24b9ce77850603c6a09b7f4d14feb20a1ffe

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
25ee5422bedffdb5b0b9abe15ecc5352

SHA1
311893bda2076743a321c8c9749918300cdf47c6

SHA256
a5c1de4256456e1caf02537c81a3c955963576f5f258f4a5a825ea4e017cce7f

SHA512
c46e2eb598a8f44db61cf9fb45bfd9a91cb25013a5b05ab0f886e4daec9ce72081105bde3f3e5ab4a001b8d8dc222e23b4f4ed6830b3acd6180752cf31fe49da

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
eeebefd7a20742b162ab219c432af4f3

SHA1
b51f2f396396a1c2465a12be2ad1b8df7c7ec28f

SHA256
f11f785551ef011d852f927d11d68fdc5d49767caac21996ab40ca82666a144f

SHA512
25b48b80e160d283f92ae2909ab4ae840bc428fd117131768f46d5cbb5cda89279afd86c1297d4c68e8e82daa46cc5e6a7229febbca8c42bc7a2b4eb5450f180

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
9f98ed05bb30919acf676c1e566fa6f9

SHA1
690e6752f5a8344a7f918eb7e3bf5adfedb4b4db

SHA256
a35ba0e9c711d83d7e4aef1574a8bf349c7be4f8c25994f882eb75767f165c86

SHA512
bed8903e36dddee37c8a0ce5730ffac8216131b2bb1205946f41d59bfa2c0b01a4a362b4eb813142512adc4e898dfdd7e6c721a8a67d4fbf96adfa11fe927b21

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
a62203bfbabca108c2f38f171fca3439

SHA1
a185fba4e91789264fb0f2f9c351d8709cd4de79

SHA256
6ffa5a1a4e30416927c210d11a496735088a49dcadfc42247596429bcee928de

SHA512
91e906177557918c78057f2915583cf5540989f84512c597c2ef6614f77960cfa251309e9f20f80f0aa5e517377d6e7ffc906a9269b359f25495a90f9985a3cd

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
8310226a1afdd749670b9220daeb2375

SHA1
22d54345dc9f431a10cda50295710975db4f9e78

SHA256
64ce573362458a62170d3a2e58bd55df1816a57485c11f542a18ed1f245f111b

SHA512
618b1d6c32ad1e40864f45e7ab00bdc87330063a7c83aadea0fcd7b18a19ce08209a99c463d268c9bb6826545f06cc5ead86d2f8b295bb997b9a41c7071b404a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
51890e096ca42c88256320892cd91314

SHA1
d2e0db1bf2f3f6a036f2fa67190c4523c9467d02

SHA256
224c8f6c16faa9c8e608f44e669b4e97c982560e325bfbd0052488aa07c3d636

SHA512
bf1f25233e41b569809f94b49c11ae157954ae3ef93a6d0f8ba09c1c8f11c34e45062974337d74695d2b3365fedcede72dd9edaa7a689c24b28e6d0d6153b0f4

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e0bd5d76d24f5b0a0b5942f6944b181b

SHA1
86e4d8ae7b59bb0d461a74e2ac986cce145c8446

SHA256
a7c0cd485443e5cac9f5aea17d344de27de0ca5653d77a0d88a9a2ea3366aeeb

SHA512
3d6729030e9d54a109e380b5356f5ac92ce98d3582523f2c41a0af9816c72c2110f933f3d65fd80a179a7288a41275f1d3639026385ebbeafc8cccfe897161f4

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9a2a95f93b00a8bbf1f0292dfe468288

SHA1
ee04d3d2ddfca6b70ae548c4476b459d030e7797

SHA256
59b991b3efc0a95daffc04d1d369a3fa4beaad26fb751887c8639b053090f64a

SHA512
de7fc62fe67303ba398146a7828f685b3c4fe606f52e50f64f89bf983ce43b6cfb236984d56505ac738d3f0fc54b86c3d42ae9dcfe416ad9395b1222b49d0223

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1e8a32bf64ab28828e9baa57d5c4ff9c

SHA1
44f69ce91d7509fd71530c3252320fd8e9ef8f78

SHA256
17ec0e5fa713574f558a5cd609f3bdf1a4ac1dd1062c287617d68adb4f638cf4

SHA512
67c375c3f4f3268ffde81bbae78ced3fc3a1fe466956f94f2b87011c9ce782ad8e86da786a9fdf8b1ddf1356d1b677e6ab121faba3d90f725701321220008c24

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
87cb9139596742358c3c3c255a7eb83d

SHA1
4c828cd7ecb820c49388be23f7044752b2a799a5

SHA256
3efa205c621cf97960f5c1b691931bf0b983ceeebbf1833b6fa0f9b1391a1593

SHA512
7edce5c507f0c3efad1c9fbc7da751a2b11de32fb23e52f21d18cea525e1172ffcdf71198884a0a5c88d84e3268d8125815fe88f78743d9a2b2fb4982a841b2a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
412760c4602abfc26f96f361a61be45b

SHA1
51f680654ac37311cea9556ddfe79fb80f99c3f1

SHA256
559be1398dcf3c4b181f8d6fb9ee46fb69190ee350142b818ad7bddf35e4a424

SHA512
afee14f16947c30d56639125957346d9552f8da8f37bde5f36135809d7c6d2e85bc0c1fe7d5a594cbc91a90e3e302b67c384de15c8b65fecf3d938fd995b58e0

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
64ea1426bba89a78a2da35b29be82515

SHA1
ffa60c5bac1b7f12cfea0cf2ddc007ba0baf6536

SHA256
f8b03c356c3e3776b58fb943ad14c284523bd2f7ff07ef00579a4fed226f45f8

SHA512
56c9e3fbbe2b2b33358e9855d06e2dc1ea64984c19ba036cdf2523cd9a3fdd317b18fc69a93d7252b9312d18341c01f0e9513352191535c88f2eef5669d59832

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
911fc22a6a87a53e06c5969da78f21fa

SHA1
893b921b5bb74ea38496871db390e91b70e73ddf

SHA256
b53fe763a734ad9d5290ceb4173dbd23e9f56275b23641100b3dc8253754760d

SHA512
3214325382b7a8ea39cc11176bb8edd4389843947a90ad0c02de39cd8d72fc3d8c966965a7f6651c71b2169cc45ec6887cf4d29a5f428df1973d75b963059e83

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bfb484566996f98bb368bf9a2d2e9a7e

SHA1
8e66f27129eedf9edea5c937e841e279a5a16420

SHA256
3af339e9bdff0d789738a5e823e6bc0605e2a589f0f1de8477e294ed4a2f878d

SHA512
1d65c3879bc39c01d9f943ea0340bc5cedf8edab371b3e8df506f974337554645bc765014146a9bd9db0672753092e2f455b84047f2a4cb2c3c3b0dbc21bf748

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9ace560fe4eeedd743d08cdffe05f300

SHA1
563be7936682bb35d64644539b88f1b5586c3df2

SHA256
b894ddebcab6a4f98f137c35d617471cef433fcca362f7b34d78fa2e80bdb24b

SHA512
1b59fd1c74d4e6a26d3e33f1161c81a36ecdc326347d7ee98dd2d437c3e10ca5239f747779242b017f9a5e93335b093459658db5776a330e2b7385610e0a71af

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
aa0ecde1986349612f58967b1e869c99

SHA1
40bb8fa001b53953b627a8c73ec6930ae0e9eec4

SHA256
7a682700384bf31cff84c85753aa3aa23b1944dc650afb6ba02794fec8073b45

SHA512
d7026e2a64258b7db6a49990e9c8dd0dd1fcf339c8176ed872fdbd3601e211fe2e317601561418a1cfb162e2be41da274766ea5e59f6ac2f35248ca4b181e931

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
dfb4734c1789dd2fcd84cd2309447bf8

SHA1
64561d6af3ef86e9ea1c4e29742a14e01f679027

SHA256
8d7ae9c3cabbd091a4b5eaf524b93beb47c836336f52477fb8342e70952c72e6

SHA512
76efbb0108b1385cc91b17c4be6fbbac41f165c24256cd0b4579054f35807c6529e03b37fbf7a25f78473f2ddb3fd67e57b3d5131d9d7858889dca69dfaf78bb

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
66df25a2c8f3a1e13c3a455af60325ea

SHA1
627521527a6c603b4aba0cf8a94e0cc10a99e0fc

SHA256
08cc8d86e9d3b430a16aa1fb90abc4ecf9d8541374e83a4f8bdcf67c3f3e7778

SHA512
8bc23731dae79a2ccbdfbbbe12a1e9b215b3f234f391d052782a35f3cb5e4306c67112b3f94760600ebf5a711ae6c009f392708378d7874cb680aede65d8eb70

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6619E463013600011083FF951ACA737A.temp

Filesize
438B

MD5
7517ff6c0f6aacd8bf675bb2d6db0c5a

SHA1
127dc53494e979f3c259791e927470250bc2a1d4

SHA256
0a336e9c806547597a7a2de531103907e0e367dc2f619e0fd420e9ed08a175a4

SHA512
2d6d276d703f678515facae012a0d019bc498add28870d5ee07c07ae62b4d1193c0f9de6ad86e91a4ee5af397d1d03e8ad210c22f557fbc35d21a8c6a946d56a

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6619E463013600011083FF951ACA737A.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6619E463013600011083FF951ACA737A/report

Filesize
732B

MD5
776eb14559162eff56e587ad31a9b7ff

SHA1
e1c49404838632818eb0e57f48b7ec97de89ab45

SHA256
e3f483ea107b3944b2c07e004106ac1690b58fd5467dee4086fb23eebf4abfef

SHA512
3015e856e07660491fffef644d7e7e12706de761151579a3fe7c5eba5c34a9e17fc2409543c5fdce6b21a14920d0baeeeffa59576b9ab99a7796bdbc88bb730b

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation1011216479051321202tmp

Filesize
561B

MD5
923cb17694ecc715c715ba2b21c6961a

SHA1
08f9d1aa80b755fd11b8404c05ec79234d83512c

SHA256
40d48a0b607ebc64e20f05079eb16c8eca252876e7dbc1d61381c3ceb3380c8c

SHA512
5b670dff74765455027cdd5bafce5f80696eb05408cf86f8f340a1525a449e66812769aa8d1768672f0cddf7d76170c2e330fd6177f22377597a4d8bc328c840

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation7252602882066382179tmp

Filesize
90B

MD5
3864f3729a5b5c2fd126e2c38fb1c163

SHA1
35b0df748dde5cad4db7dccabc1003e80a712174

SHA256
6906296aa11bd5eff9aa74b1b88e20b5229065bdcad30f4307d819ef5608a2c6

SHA512
6e6d32e3ff63652f8408a4da6c92fd3ca45a3a2bcb90549e67bff1e7e262a2e5645a85e5d926a23d40dd24cd7bf55df57c3c1ba373d35c41d99e630220ba5cde

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
e187476be3f7107d8b348e9faf6d4b2a

SHA1
b7cc4e90e2299f5b18c5657243610ae87fd8819e

SHA256
494f47d2b1782ccd6af53827f56969dbf3170c431d9e38e8b96812522350c031

SHA512
0351c0cc8c3b0d283c42174d5e799fb962e670e69e2ab8b0d42d3e4ae07cf23995b874c695f78d0d15819b3c10287079fbfb26ea2a2951158d55b205089db5e3

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
50a9c3d733b61ec87981eb136b51935a

SHA1
553cc70452ec992d47ae085328a4273a834734b3

SHA256
82d2eb37bf0b55e7c4d1d990668ab67dbb536c956c26ad18b4b98150580ebc97

SHA512
65dbb9e9481561acf7d513269f9a7e91ae479a2e735dac226afc0e607fa493f3892fee70b6646dcdaf479e9b14e6615a44e464bc8e4b565ea60a92ae5eedbd40

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
e55d11ca3a90896e79c23acf14ff0082

SHA1
b3e3541775de4c38defd737d69c3682781f3b528

SHA256
22d95055586a3e390a4e4c7faead3a4b3030721ff3b60c9cd0f62da1f3d8227e

SHA512
fad7a689d3131128538a861f2cd701990eca6fe109ec4a3a06e4ab4ce5c70dd8ec58a270a518836754d0c92840014e8572606ec97f7c46d162b2614627991e31

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
d6a8558b3b58e2d452e3704bfceca8bb

SHA1
04b679efa353c73e6174ff5b1760112ccaea6dfd

SHA256
b3866faee0932cebdab54ea69b8b6ac136aa8e2625c5397a80916ce0e686295c

SHA512
bfbd7ef15813397448dc3b5352035fc491559d0488169b1aeff877bed8c656a1b4db96497c4c46d5f8593d002834207840f4b79145cd9dc8d063df57043ab6a4

Download Submit