Analysis
-
max time kernel
48s -
max time network
134s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system -
submitted
15-04-2024 04:06
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
Description: File opened for read; IoC: /proc/meminfo; Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call; IoC: android.os.IPowerManager.acquireWakeLock; Process: app.EasyLogger
-
Checks for the presence of a debugger
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD57d560fc25157a6fc14d005455da76a71
SHA1ba8e09ab4c6e67837588f524dcd9d052fd50b7a9
SHA25633010456308c0584361cc41d5bec0dbdd9596d3d191183c5fd1e5d369490ed65
SHA512249ffe96ea653521c29cff2f907b0f3294166dac172fd179af1ff74a1ff94cbff233bafbcbb412e2a59f94b49ce421fb0e34dd52e51d5dfd7aa3c8335bbca4e6
-
Filesize
1KB
MD5f8aadcb84b645eb82f877181de0c2e37
SHA181dacf5f0556b8f0c805cad04b4fca1f25656f25
SHA25675735762ae55c529c41ca1d67535a2917f0b6e5d2c5773f6de5515a31fb4338a
SHA5126179419d25299f1f07e01c8d14cba416ed556d4b31cc01583144d6c14630a82eb169d3867180d1c6cf5629722d76afbd1b92fff94339cfa1644dd82c21a725c1
-
Filesize
76KB
MD565e41370cf11c2718cf78e9ad13f1f86
SHA1a8a58e529c8d41223840640778bd8961d73505d5
SHA256563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD56f4109b00042e7b1f6af4571c0df5df1
SHA102647ee2712e5143beba693518a276bfd893437c
SHA256d2efe3045b59e38eed841b58a8996ac8490cc13580cdfd4b1826afd00dfad2ff
SHA512785859b2561c7aa08c55a859cd884d1debf2d49b9b1f157e2383fdd3e8421097cfbdef49bb316b26a75d3efb1ec911cf28c5a6fb6eb332fca9b47df33febd08c
-
Filesize
8KB
MD52d9ec9f18068e687fe4b9c08be921268
SHA1f666d766ddf47aaa576111eb5fff4d6171f1e6b7
SHA25608b617776868ccf371f1aaf7071ba71ddd92954fa2cb6773f62a43de445cb23d
SHA51265c79dc395c5946205dbf5aab3bef02e25b9a129e4e405bdd7cb6bc02d015d26d97331624896b734fc4e9f49b870e50e4b2f4cff0a2a434c4555333671fa4605
-
Filesize
8KB
MD5b6eba9bf86c2bb32b27e0defd6533ffa
SHA108b7e2552431998e3486cbdc6fea2f2f07ca3f85
SHA256de1562e85b1d1d0138aa099e86a815f5a9cbd78f7cfa95667abdc7e102fdf629
SHA51231b9d130d6c83a882fa5fe6f33840ce8b1ee48599547cfd1353ee84ed40364a088ad24249e4f834cab24fe6e036cb0ce4f2a4bc2bc874c2497292c12b7969229
-
Filesize
8KB
MD55a7cd4a585cf0627cf826f5f0aea2d11
SHA198c83535efd7bc29b78420f8d4bc043ef11c8d32
SHA2567488f99a31a80ec9d9b55e6daccb01cedac20d7f9e9f2aa8608af80fc7aa7660
SHA51237a3106d33389c560df7929d59f727b44e58c00a97535f8ab73b95b22fba631948e383a307ca544a48caf38d75c05b801987d914b5f07914ad23a10f4e67b281
-
Filesize
8KB
MD5a00afc7efcac4b433d3b6c00defd9994
SHA1ab91d891e4171fc894a0d95ac21cf5a1b8c0df3a
SHA25645721dd8aa9a35dfae20a6d38dd39be38a5367ed89ce6b313326a7a955886781
SHA512228f2b49b35454e0826914d563d19409b9d3811b40261ea51a2124077163d7f07f06c245d04a7d33b5da5aaa23f311dcbfae6649d5b72f775d35857655901352
-
Filesize
8KB
MD52e19a20bcba5a03c4613876ea19a8f2f
SHA10788734899858dfd2596895b96ba2ef123f10c35
SHA2569e4f89e1b1d232b7138296691d73e0ea8527730c27064eee5a3e4c18dec782fc
SHA5125bcaa09e85dabdce771196be1c830237f9444554976d1428b33d636af86dcd0c65e927d8e2e330423a436d6924697dcf22599bd3c5812cab46ccce04c60dbeca
-
Filesize
40KB
MD51cf3f63c021d755a21623e6d0e86dbc6
SHA1e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA51238d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
8KB
MD5336b2cf0f3acf599bcb166c0a0833e45
SHA1b594036298e0f51e683591e4d2055d777d53fccc
SHA2561692db089dd75e3cb706e443d4a9c38f2d391a7e259a3cd44835d5f43b483d6d
SHA51233e89be0c8e4d5995b17fa2fe351f073181f32fae5220d08d0e18a0666885de32aa9c1fd8c40ce4bdc902a4cdc9fee720f57736a63836a9dce5c8bf9f8cf7f6b
-
Filesize
512B
MD5fccd56d79f28c2e58d5c13f042f01c65
SHA18b76aedebe7afae5e2a9cc28bdcc8c3801489336
SHA2568fe652d938ff6b94a6e407d03b3ecf08bcec5b650870cf7d16a043c0ef7b7769
SHA5128a537f8f19fc7d7902ee95e8d1956a204ff33b725b13effb32ae9a8c0794be64603fbca01df5274e4eed690c65445dff1547197c5a9f376ab5fc2861270a6ad5
-
Filesize
8KB
MD55372147a44dd5d4a81a69f13c1d88523
SHA18432cd52db01eea4b9eda0aed795f223fff2fe7e
SHA25627a0e4bd0fbe6688e73aa6730a93f97bdc58cae50d3d0d8706a147277e9a4459
SHA5122b81b443555b8a9fc51b7c375b7b3ba324cc9e44fa57dd425d43d35685d05d6d8ab3442819d3f50174822659a7ecaa20d547adb879a33826a4b2708faf55c6fc
-
Filesize
28KB
MD5b8800d9015a9b8d3089b2908df0bf67d
SHA1fc6c4eb21816cd22397374087ba782b23c479d91
SHA2562e5c0e5dc11e4a6a289ad76319c15a9405d8aa1c45531fe4d2babc6e676e4420
SHA512acff1ba17dc65ce9d5cd458fa09a523dc641d6c35d2ac8c2f5414f940ef81710ee345bad40e340eb08f1fa83619b73dcef8a48074bca191c552ffd6297c6b088
-
Filesize
512B
MD5d7b87f220c1ba03600117e23a166d327
SHA106649cf0a495cbe65f9d4299c3d5e321d219b86b
SHA2568ba5e9554a2c765a7ddeeb88bd93575feacf52bd9d49aac62876b376f1513d70
SHA512cd2ec2ee47a181c5be8b2907dcb20e3aa40ab563f92152bb485a27a0bc8e0ca678c772d33926fd5ee22a79952e4bdad4441cb132ded2c2fc569fc9bae1ce0af0
-
Filesize
8KB
MD5ef0f0e3d1b80dd7bd3527242e61b318f
SHA1c118104b2bdbc2f09df5522e1f396d99c64bd9c6
SHA256fe32aa0701e8aaab64a5c5c181209468e8dc411d05351d9e4075378b529e10ec
SHA5124833f81e5eba3e7ed29a892ed0211f1798d92e1bbfce46144aac630fc3c828852d87e9bf303e591830fd750e7f3847669d103dce07dbec1b40c06f1a4c4c384d
-
Filesize
4KB
MD592d75723f485a6df5008e910d41f99b5
SHA106f18f90e27f62b4a5aebc595767cf7adc7687fb
SHA25607ed52f33b1492a05446fea7e222f0356a0f7f6683affad97d673aaaea9dec40
SHA51222778641b4e5f75ab08fb520e453753ba706d400238ad6091378c731d63f378140137c887bc5c491dee10481a652564806b6e1c4ec8abbf77cc1a7229514eaf4
-
Filesize
8KB
MD59b9101bf66d87b71451b54965314ff65
SHA1d18236fb8a08b7faff05404711f1523e61e83d49
SHA2565967930c61e92eb2fabd63ab717e62a7f5bb01b934dcea9846c1c209b87746f1
SHA5122302ec50251404d62b4d1a2b7fdbc87400a646111a6f96d68c33a944cd05352d6917c07e42e4656fd2690b5028f67a5346e4a930d830b7196afaa8f206ae914b
-
Filesize
8KB
MD50ac3b34e1def86978cde4cc9ffc8c5ed
SHA1a6b2c338d766b1c8d9314bcd443c4bf7aa81a41e
SHA2568002fa1760bdfb607d61a90eb5355f7289c3f6fd9ffa5573c41318d296ce11ff
SHA51269169399a71b91ef5e95c97c57edd419049f7c4d924b29720d7088cd62f5a52744c5cde0e04941dc104125976e6e94e296d32cf1523e5283edf903249894b651
-
Filesize
12KB
MD516bead66593b1c260a0cb92afe79eab8
SHA10e1a7ddf25c7ee01956dddfd771ef31732a20c83
SHA25669bfba9d58c25e06ebee589dbafd4c33a37900193e3ec55dd94058f6befb6a6c
SHA5121e621753f0635ef8d1d4113747c811a9357073081905a3146e9d4409f81e44f80efbf9482f215504195f2b1df5ece1f89c87bd2a0277e4ca6aa1918c8ab3d040
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD58dc4d40b40ac157d3a677d0983ed42fe
SHA1361bd1f3d580336fa42acc1b3178bbd4575d9557
SHA256df19ac41cfa18d32564172c0216edfe2b4cc65325fa9cf22ed5b7d72784e422d
SHA5128e4b1219260044f6cdf66fdc40c8fa9774a8f0345e8ca2d9c17d50fb9a465e0954665bbbb8a9b9683f25091716e12690aadcd29f85d5a584f6ef0450b7fa0241
-
Filesize
16KB
MD563f2038a28bfd68aee9a8e09e4721685
SHA1f76d82adf11191a5c1ba44268c65de15367e5eaa
SHA2561f03dcc5c0ce5aec12b7c4bc29cc8c0c621f3a1e4a4c5045f5250c07aa12810e
SHA5129327a5c54e2d20891df0a419d22b50741f99b0ca80a1912996f6b1c07f644fb68d257d6a87db7bf3619ca10fd1dd5d021ec315457f2f7e72c8d8c969f09b325d
-
Filesize
16KB
MD5674aca97039792909d6c7e1a0a77b4ce
SHA1b0d4f68296e05fc781d15542834afee78486b855
SHA256c5cab51c8f7887e21621ae449c69f9b82adff6148512433c88b9efd81c56e38e
SHA512f099f65cc46fcc27d6d54b2c61febc74c364aa16e0e5d03f2bc7132e22a26641edc0db7611d01f012694be3c8f895f7afbca8be20f75ecccab2818732ac7f2e8
-
Filesize
16KB
MD55e8325a0280d6eabbe133f0d3874ee67
SHA1462e50e21948a6a071e87c153c320707ed1babe0
SHA256d4d280e399342c77c792a297cdac07bd82f9756bfee527a63b0be29dc0ad294f
SHA512f272aaeb3450f15eb06db03fd3504bd3330e85a4ceff5cb00db7e4d02c5a2caa58c71cbf935c97880ac33c28f640d3561aca2f5fe29baf3000e005f655c87fa9
-
Filesize
16KB
MD5a0325ff5668f4474177bf7958d70a597
SHA1f9471cda55083be6cbe3f62cfb230b2b317cc4de
SHA25671baa9bc34c3832c1b0a51c8aa3bf03424c6696ae37147861da52fcceaa0f688
SHA512c8365efeead343b31fbb858caae4f8b1b6c9fcfd04dadc3bf4e39a600eda4fc4540a727a023cd06bfc28374a21e0655cdb14a680e202383710823032c8fcbc26
-
Filesize
512B
MD521bb7ecea52091477705260e5f15ff9a
SHA1ff477f72e55bd8791a52bf780c1cd11de4a3d92d
SHA25685af208df7ace1378af3c8b99e9eb088e73139a1fff1ca02905b1e5c366b5a91
SHA5126978343ffa2193b2fbf031bb1ef4860b67a3f71ce7402465766f56e74d7a5629c3a9ccde1e4e66f10f00e68e374e7f7bae2eee85c914ff5da13ae73e98a91bf5
-
Filesize
8KB
MD58cfccc1bc3a77ef0c4760c9c303a71a0
SHA1361b354c356021fa460f9aed87303ba75bf4c6f4
SHA25690f2940330a0f344548bb5bfd29ba79edd537a61dd8d97ee092d7bcdb09fe1d0
SHA512c5a76a9deb067a1b1349d8d2e9fc5e6188b42f12fd8da1bab6ed018c1fa79a2ab40dcde08e5d1e1a0a9e8a8d2bf075814313f2f4b5fc934dd30126c75344144e
-
Filesize
4KB
MD5dbf0a5dbeae6416b2609dd4c35f1aeed
SHA14fa8f27999c29f7ba58d5fe691cdf9c68573b9a8
SHA256a0ecdbcca53bc6ed8940dc66f9b0149bd98448d126ae3192288c2e6d8a93fe04
SHA5127ee0f592478fec1e7ae40a152a3faf5f3016a64484774f0f91f37d06bacea7aa3c1faa20085f132df4ea468fb75e346009c7a78a78b4384ae6cdbf4b34764601
-
Filesize
8KB
MD5f9b34edb6599c35e74fcf52666a65884
SHA126ffaea42117617d408780555debab196950d951
SHA2566167ddd5f0f2bdcf9aee17b6908f7a1f2e559906f5894c05118950b2b3a3cc93
SHA5124098dacb7bc1f4702ba82528ec81912696a619853a68f3ead5423b8acc7bccd037b4459705628d36d7f84cc8093130a892d9d62834b23703275542d79f5b46a0
-
Filesize
8KB
MD519872733e3bfb96a24690503093f901b
SHA1bf5662c99a380e05ec7c7ae244948bf1b498ca14
SHA256904e74e5bf0f7417c12496d4fc2d8582a8272360ee4be70ac62878eeca541ffb
SHA512dafd8580600d2ea6db61107dab9f7168c019baf760e4998286f50ed47efd330c409b4420d3949d1c62664fea4aa61ca73dee04b0affacd975dc21adbe917a023
-
Filesize
8KB
MD5379080d25a124ef6663c9bef3ba75fd8
SHA19a47bd116970c89b2a835cb9a2d20e1aae4b02c4
SHA2567032b2ed76119f169399a4ef47d7443dddc80766da4fd0a2f931b082cd29b87b
SHA5122962e78875cc308273342fd4223e0916544323cfff48c9cef25a8cf853ce1ede234ec02bb95d262d0ed6c70f2c722f4079a0a4a28317fd068ad734365f8d95b5
-
Filesize
710B
MD5e3a8da44896764e4242fa0e3dacd2381
SHA1ca73ff5c0f05c2539488c3a083968406f2ff3f25
SHA25641e2347dd5c23c3067409297ae6573f57665e664c6b8fa3e072ea462799caf71
SHA512e3f8359647a5031ccf68c1c269621402a4c0039105f0e328e245df7a1bc758c36e785a7cfd3936835ee0292b726c94d50057da697936d102fc1d15e82fc7c149
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661CA7C103D50001116266AD19A61CA9.temp
Filesize: 436B
MD5: 780b757747bf57c95f10dacafba2ca1c
SHA1: 69d21cfef681bb026146f08bb7aaaf01e8f0bc96
SHA256: 906fe36f933e6dad34101d321e1eee8e8ec3193dfa6bb8f0bc48957ab6b59f73
SHA512: 08d8900aeb43e93a7099361182ffa1ded51c7e74635e2663d35890bbe14c0e91b27f9df1340653c59c06ad3e138f8d144603ccd4c13f91c904db1810b5029e47
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661CA7C103D50001116266AD19A61CA9.temp.tmp
Filesize: 16B
MD5: c33583fae4e0b61cde1c5b9227963237
SHA1: fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256: 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512: fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661CA7C103D50001116266AD19A61CA9/report
Filesize: 733B
MD5: c42d6060c45941bacd9450a5006eca8f
SHA1: af9b8c967298cf1831d11ae19916493fd1bc2f0f
SHA256: a1a19b29b9d7013935b8539981e68dc6b5dde193ecbdeec0b50084e9581ee17a
SHA512: 1fd2d4e58aefb465535696293ee5ab6b05665c6a74a548427c922931f0176122e025303122925998fc8a13beadc917610d4afa57c7450e2c44532f7b2de84cba
-
Filesize
90B
MD548909fc8a901c83aecf5d898655cc1a1
SHA199763260c692a0c1097a5646ea448a82a1093cb0
SHA25673ed7caa0c9fe9c1f643db901a1548b540ec2d1fd681d1283b9a37248efd9aac
SHA512046c14bacf5048c595fc038e88844fd22ca0c17b874a04f2b016812cc001da9f248c7d4f9dfd08afdd99c528090e695a23fbceabaaf715e3ddc939a207d8f926
-
Filesize
563B
MD52b03b8fd091bc80dd407020ed9149dd8
SHA1a26eb280ef2321a6581990efb79b9d98f011c161
SHA256c143f5f1b9a8b2ad38ac587f0aeb188922eb08d817c671050ea61da9d338aff5
SHA512164d19836fd36424003e71cd051fbbed7e70c44a36e8ddb90088cf96fea5b9e183a953dc3e4c3c5f8c7eced1d66a782be40698561a526e80a20d7cfa28fe230d
-
Filesize
36B
MD525eb80c10701e3a689845072a2cea099
SHA17780e0d7d878e681d020fd3c980c1645820d2752
SHA256fce06dd83851ffde392ad7b51172d80a2b4b85059daa4bbdfee34a3211ff5e46
SHA51211b8ba325f13155419cb89b2d0b20b408ff03417a6fdccf8eb0ba1a7212402767e8c59b8d40e832420c236e5dcff54175b51f07e65bf3a0344c407485dca898d
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD50b2f854de9976409412a84a9d02f5f57
SHA183840b49ee8558f87a2cc99d472c5b8699d3521e
SHA25695986a829517f4827efdc18b6c84c4e8c0f173ddfda0db423f4b64f15b4f4abe
SHA5123e8075aa62045884c353b52e6117732273822f068710067fb0728d3288e4ca1f1ace26787a77c81a1afd26ab47de81fd63fd3ed55755ea12bce3217a649ec1d3
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5f4f0d9e3a62f98d5aad03dab1eb0a999
SHA1ae65dfe41b4c280679480046289ea21ff70d2969
SHA25614ed911ab9e34ae421f2d012299a473f87a9e31aa2fb3f48e9d61ed5c4f7aaf6
SHA5123c11a0513658d0a7cabe35eeccbe010c99349d63c2765725433f0dbb71caa481b5f048dd47e5386b63fad636059833eeaf33eaaaf52657c852c040f1022dba33
-
Filesize
108KB
MD58296a9a03a45a3ed5fd8280393bc4abf
SHA108b978f0517c2eb5b1d66b5b821567edcf80e932
SHA2569e3dab5bc05f0fa9f35cc40f0cbe59a938a4474f7acb504e30ce7b81bbbdecd9
SHA512a9357e9d722948efa69ce93bd16b923792878efc8d85aa2c13786386efefa5486b0bcc8cbda0003604a211847f6622949d3e658aeb7295480c90a9e9b0c6746f