easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
15/04/2024, 04:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4213

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
b666d3ec3452d0c63d9b1face56eda6c

SHA1
279306f1eb9fd3af567800d42c8b8b1d00f1978f

SHA256
98ec90a765d392182898b8a81e84d7fe9fb4cf7ea884e0967a6e1b9bc79269d0

SHA512
fa976aada4b7d57b4d9630d8414204ff843f146a8504d2085040428772d1af2d34844498219fac51322e5414620136169c479855661605895f451c9b22e7a0d3

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
9df7606fb74c68d7d90879ec70c60013

SHA1
8d2df199108c94ff0f712135a63fe06f1d1313a6

SHA256
e37aff8ec5b56fa2b41e53193fe79033fc21088afc2b402205fae2d1168cc72f

SHA512
e8e66d72276c75e8b90604a66bb21309d1cfabc145f5008acf7bc0e7d15b33441980226c19a2559e6868bb4f50bf196480aa7b2d622a8ecabcd1a3cf2d6a1894

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
d51ba964fa6f41bf67fcccf764bd5c94

SHA1
c0f0138ff20268c2a4089f840a5e03915bebad30

SHA256
98cf1a7849637650c16462cb96382989a7b1ed76a5e5e171c004fa798d9151d4

SHA512
da77cf6dafba59ab25df61a30a28a2fb4440a043d1b0e7796ef3654025be9794bab6a9338035532de1512ca9e1acf6586cc9e560f388ef08925121b424d25e07

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
a17d9825f7bf7ea3f9e80efe14bcbe97

SHA1
c7b729fdc29b5f0ee6e66f996db9ba9c17120ba6

SHA256
5d92fb94771847230a98088f81bea333a57d46879ecd4ae908070df3bdf9f71d

SHA512
6af83eced655d22003e86f59d376046d64095e01df3149be22dd443942c6264a77d6daa22979bed3a47a0cfd7faa373bace9ebb63559bb44fe94c406c52a8c11

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
fe86550f290b57042d9b56ef3e0592f3

SHA1
9e959cc75aa05c4a1eb4ac894206a0d7a767404b

SHA256
e92c7b26f81ec68747f7110e5c2efb3558e1d641548bcd6d84d43128ff395e17

SHA512
7c3e37ff81dd2190722812cc47eb5322870f2347bb2402e615ff354730d3c2f8a70d19a0621e70271d8c100124e1aa5501dc47b4212e32e7a0a90f46768934a3

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
a94a0049452fc955b17c72e44efa0c3d

SHA1
a1c9a135496f2cd7adf7689b566aeb9f318f4731

SHA256
b1d9baf2bd33b307540a392305c319a189a0208d34be1806e40fe30cb5520ed3

SHA512
fadb5ef6e010c05e99dd456836361aabe25b4eca6f4aabbf57b46160b3756555575f9a45ce2a5f6598550bb3cdfe29aff7ed69d02cf6347de5f72c9ceeabe94b

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
b7b3a927b2cd6cd4bd43a7fb4dee804d

SHA1
52e17a8de19e0fee04df38dcaab1428c40f06889

SHA256
9ed6c94c5d79947151bd54595a928cd80889c0d2108e54f1fdcf5c4ab9a3768a

SHA512
4083b784ecb470c5f6b9372cc3fc04b116c662200f6d78df5a06c018a66c7c54756acd4274614b2cdc06fdf665ec97ff140cabab48a78ab08366f8040d998e90

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
abd2f2e2b0cf93144db3c6a229ee43fd

SHA1
857700e5a3630315a28069700f695548a89bdc26

SHA256
d52887b00f880ef15161164908f40156d4c75a0fa17f6cf63a1ec33d8afb305c

SHA512
e8fdebe67803679e4e641426185f3c6f858ad023981088d94ba773c14bf1b4bc45ad740418f9be693b337af52ed56761d0ed0f2579f22064d6321a2753efc43b

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
23130352f371fc193a60193bc74805c7

SHA1
61392551b1a3396768b4b903ab02aea4744d81ca

SHA256
043e3bb1080b08337c02d0c8d746a8a8dd0623f3c2dbabd6531f71dba1febb97

SHA512
7f39d34e340725ce3012f922984004d74e23e47354f67bd5ca7f241d1b3dd24b62474bac66018286e87bee36e49daf5c149e5a5ac3ec9dfc5e37ca25d4bf7a8a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7e0d9b5d613b57b69144fe38a077239b

SHA1
8537fd2e48ed2e4729c84e6a4ad58e3fa909a4a3

SHA256
34037e653fa42f94a94b6aaabcfa7bb118c3810b1465b450b7dcce511c6b9326

SHA512
86db703f549d6370e5a79fc420cada137fbfa366484c66fa22d49a094b11714f5a452185f8f31680b282ad6fb64341cf946fa4471144ef7bf9f952eb407cc665

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f1036d1466f14a6de7be2489224cefac

SHA1
4d00249184482e0e216d22661499caf5a6b45b11

SHA256
e9939680ba909c62ad4b9cbe8a0b60b3011a811fa175292dd6ce929711e6e590

SHA512
77d564f2c9350a7f4eff85f08def02dfa2806071a0e4a744033c90a1abffe466dbc8de8a14453c722a4f509adf3a94b3d8984b3dc5dea2fe54eeec1127b8ab25

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bcd87983410719d48f6c4c53a308fb1a

SHA1
4a0b520489b59dfafe1367532e7295505b3c9d3d

SHA256
671653a8ba760b37d24eeb3dad1c2d2659cf377d7f2b6f5fe9dd2f798f6a9490

SHA512
26fe567c47ccd819af598ca393997c762478196e7a5309adc400c3d1076948819c9c6766c45d4179a7c2e2bc9985f54e6ec57b019bbe86efda84a0ec7b51342f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
87cb9139596742358c3c3c255a7eb83d

SHA1
4c828cd7ecb820c49388be23f7044752b2a799a5

SHA256
3efa205c621cf97960f5c1b691931bf0b983ceeebbf1833b6fa0f9b1391a1593

SHA512
7edce5c507f0c3efad1c9fbc7da751a2b11de32fb23e52f21d18cea525e1172ffcdf71198884a0a5c88d84e3268d8125815fe88f78743d9a2b2fb4982a841b2a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ec91258c85a61caf81267bc2eb466c88

SHA1
8e010368eef6f9090357b50b864b180a95abe480

SHA256
ec19a5d9f549a5c0616e03e343d88e26e5646458faf2f561024cd4c0b12be8c8

SHA512
6d425fb12f22308cde869c4a8fe7a7cac31c7a126860fc37a9d00765d8eac37195d81a3aef41693ac87e49f531cd81da6133a666664a0f3b166cc09e93fc88ef

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
7fc12b0aabb6c80c57209cf19d67a0ec

SHA1
82ce4ebd29ca9fc16f4d22c6416a06a63d3b368f

SHA256
77b7bc8984b5b1a625669da37333ba8980e1ec0c7e620fb0008aa79a51bef3bb

SHA512
2baea99b602349811aa18ab9979b4a14ca0036fbf157f67c15b26683a2871e84df1d75a71be74cb95740cd5e5c312bf47838023b8a1c447692243c58da97f024

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a0678bfeee8e29e85cb78bd31ad35432

SHA1
4943a8619882550bb4b8da3c663256c08a79b466

SHA256
e42d4752fb7c6fdca8f1696cb7353a5ef3b1e9d147e3053bc8ced6741e5c9cdf

SHA512
47133a0e66d9f0768a04b09d9295e15732146f9fd589c25f676561df188d6fdc291343d85f337b81841ee9b7bf294415d734db62a0f243d43d81533404f39910

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
02ae893693760a843658d77a9f31104b

SHA1
217eb665919385bdab87d4c788e1e50ffdb5e867

SHA256
1ebf9a17ef1db5aad30a70b448a5e78a27ec01c3e47811b080ebec44cc0ab50e

SHA512
981d1e2866af5bb924a372880a968c3c5e7a17953d30d3678ac3826f3ad0e995d7743c11f958d8df4dba0db89a015dfd12f7f6cfa2ead91843397eda517cbfba

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b6750a08ba4851ead83e8f2515918bb5

SHA1
233d9811917bb0b983adc8e11423385ec8013335

SHA256
b9c8cd063b4f05f7fa69f4b17be3ded4c672444a13ad2a2474ead45380c3facb

SHA512
28de6e29b4518647f83e4edbf9c801160e0e06b385dc1c6d33b1f00a3d66979fd45195be992f3d5f18326dec0aea5009071fb4e7b410297f362cbcd9fac6c3b3

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
29a0e1522152c42b76577497dd943de5

SHA1
cbbbfaa53b87f9e8e491661470547fdfc18f10f2

SHA256
462435c15b8c7c1acf015be71f0afe24cd53cd7e9b7d36b6ea196da3a3d948d4

SHA512
0dce4bd18b95d9d27b2fc6fde59635d9bbf2432a28a8353063d2bc39d944d1481bc3a62d019bce97b0e675556aacfc05caee5537bdf9910de8204222cd9acd5c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1590b5e7b9c3b635b72d630af9b84978

SHA1
e65d5e66d1a7d8e47a376f98685a36f5d98e580a

SHA256
943ee27c0704421a24e20c7229720be606e8a89f9c4690a5b0e58119a503a66b

SHA512
9e3f20c7a43605cff7cea0cdb4d6b00bde74a60c0696dd6d837aa4f4b0aeefc208162b635eaee970796adb320908af23947a5ca991ca28e08b79055f60a50e86

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
191ac72bb40af68f4c2762ad17ee7684

SHA1
f48c8ad79e4644b3f6f887fb72245a6391ad3ea0

SHA256
1cb80b28ed3119639ca6f0ee19b236a26daf102d4b2b2702db0e0975242f965d

SHA512
fb2848b2d6e53ce28d7ffa3480418cecce3b4f2ab59c65f76b8b573243acf76357096e9ae72f2fb187af0b09212d1d6ee3482620e96c8cd034bdaf5b78da6090

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661CA7BF0398000110757C85CD4FBDB1.temp

Filesize
438B

MD5
b5af9e1478e5d13dbbb9799ec572a015

SHA1
1de6cbe4e40a49aa836456ef0612ff7a8f83f693

SHA256
90b43b80127a3d16d7f7b0f6a23273d86a49a971d732396c31454b28d35dd4ab

SHA512
35b7d8da446a03857f97951707eaaf8d199d697cf4c09b10c04c89ecac195030eb3085074530e93a0b011c0ef1f222c7bcafd8c4f954838c42545c3b706c7ba0

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661CA7BF0398000110757C85CD4FBDB1.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661CA7BF0398000110757C85CD4FBDB1/report

Filesize
732B

MD5
03b76d797bbe5044c19ec8298adf0d5b

SHA1
e02947a452649405cb4db76578acfd1eb1562e89

SHA256
b1f8daf0056001a33e1ec43f16695846eb7269cc5b270f85bc9bad134b90889b

SHA512
f11fdd9d2c083b79c3fa3b0f37ae8b6a50a719aefc744891952501b011056a55c0f9dc1ab8968ce76430d52e9a52255f7fe606d177df632d366f6344e7894b56

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation1846084656374593520tmp

Filesize
90B

MD5
a75d2c49b795f11fcbd3062403b46f14

SHA1
38c1ce5b5fc20219d842d8ad94d27e29ef63e71e

SHA256
84bcb6a731add35bf6384d625d03be9cb31b6ea514ec5c5d18a0678d5f8f322d

SHA512
a9358131ae389c2115104161b844fb0671bb75ab3e9609f41095fd58dd4a2d3f5c9f6ae9611a3f64769d424cea95da7bd42d2b5e29543ebc9b6a49be140929ee

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation8817745427555290983tmp

Filesize
564B

MD5
bf360919fd4db69b3093126736291d5f

SHA1
ea64e87f151e85b82442868a32becb1c0c074884

SHA256
c800711d37e4d2e9ce7255d474a8c189c7bfd393822dbf0bfefa499f1b69fe28

SHA512
c02e766f447a4fdc9f3252d4c4b88792412998978ca9cfb2e122502364e5d744cb31896425459742143478af8fce79b51a6896f2f8e43507daff5cbaeaf744cf

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
fe24029daee6b9c4f0aaa10f61a6b5d4

SHA1
4341b21d802e39485db8b33105381a1805f3e3ab

SHA256
b8ecda262a7380dbb2abd65a9125f0db41d7791a914ed755bcb884acf69be148

SHA512
faea330b16509b6117fb142e7373de8008abbe353298ac85d7b526c0309320f7469cef9798a5c226b3731c98d2d59d6e69bab92d210078429f28666cd3f44b69

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
bdfbe0b4142ef72bd682ec3be1a970b0

SHA1
77595fb1495431dec9860c11b546c23e95f66b20

SHA256
f7e16c4f20df6fb7e60faa3b932b076a1c5d975fcc42fce5d810fb49a808b1d8

SHA512
5d428dcb86af714203872c7ba8d829c9e8a2899826a6f345b65eb0ff5bcb291bef7b65b41d6ce6d2ae651e4fc1b6cb1dd3dc7b47f1587675cd6564cf408cd029

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
89ae75913f0b098278d4530f9fa0f450

SHA1
f200ea54e81818274f4717d21e56d13d9b61cfc0

SHA256
0994e73ea733756eb94a5a198c2a4123fbe653be3432884ac7f3abb7046e9fce

SHA512
0dad2828a8e96f0882d81f114e852fce3786cef665793b2c5acc97a43987f43f5a624b9d062ce4e916a86438beed4748389bcb1191aedcebdc320290012ad46b

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
b26a73cdb53715c98150bb3a451ec421

SHA1
bfda54a38fb307cae00f1209c77e5da938520ba2

SHA256
e94ae4952d67c5d253f55b31b1dadc8dcdcb5e6f80661b09f69253385efa909d

SHA512
1830955aad708b6d727535f29d168d910d5145dbea91e65ba0a524796bfdcae7d245ddd874082ca622b1e294777dff78a3e4faf1894de05b7484e9a0be1b066b

Download Submit