Analysis
-
max time kernel
48s -
max time network
139s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system -
submitted
16-04-2024 02:07
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Checks the presence of a debugger
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD50dadcab0ebc58e0e41c67debb4f3dabf
SHA1bfbd32dfac5eaf838f5cfc507f525e40234a00f6
SHA2567eb3398febb0e04d417c443b376a290b177fc4da46d56c31b9ae0c916d5305f5
SHA512e019a6811821865515f7c933fdf667f66b5eb6463ab05c3c365de730a43ea2853251380097ad051f7f66417104de9f369f06203069a4ecc73c131a3e1b894e43
-
Filesize
1KB
MD5065a1a405d45c626bc06973cd1c14385
SHA197e5fff9897b0e8a5d0889004106f557d27405e4
SHA256b1bd4c701a81afdb6ae2ab59e4a15a42e44edc82f1b3dd6804e5c11d4ed68af4
SHA512e46e218132212610f221315d4a0b523c41956b788f261a58f644dfac1e20315e1906cb6ddc5ecd3f73506a4348f974a9ce0a02a51cbc98a6425c77023a7f89e7
-
Filesize
76KB
MD5247a9a1ab8a9d50b768aea16f443ee52
SHA11b8ef45ad7df4db30e70051835585e526f7fe488
SHA2566c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796
SHA5126285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f
-
Filesize
512B
MD56e373484373cd71faf69f7273ed1eb73
SHA1fb90a00d5b2bb431b25eedb78e2ad0ac7ba355ee
SHA256d096d41bddf5aca8ce2fe1a3076efa2266294a8068dcb7395c44a3a72aeabc5b
SHA512338433e217503d2e4246f72fa89b834d6014f9e76cee5f867ec497279334ea4632004d1a1615a775c84bdedf5a243132a7aba485a220c66f98c692ebff5b34ee
-
Filesize
140KB
MD54af1fe123d4c111b9755e04fd1e6f535
SHA1082139e1393a1a337199d0f25fddad33e23e56ac
SHA2569712623b49032c5a812c62d247bc5b0b7b11ebd7b91cc9e2fb84bb3c24ad6544
SHA51253756a3603efae02bff66cde800b790a7a288fe3dc143ae95821b33e4e1b8b3bfe4b4ee1d9a9935915a50e602866ffe73d3128f6b3c8f8bf77398ee56268096a
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD58da0abb0cead89d99e83609c4adef5e5
SHA10f9e52e0c9357f97cb6df815dda2589f2c8a8efc
SHA2567af6780ecbaae2c70482a85108755d364fefbfbde70f590b5fec5f2f21affef1
SHA512a0503bfe49c2e5d640c5b44f5d20fabc8d358b89911d9015e1743738f56592e790e3aae9f2976412a202bcd3c2850de07539e56b9960f43a5788b98b26fccf90
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
52KB
MD5a3ad13563faff37b5a1d3f8b8b08b409
SHA1a2002f17f5523aeda58a76d3ac92a254e9299264
SHA2561ffdcab369f3a272b8ef293e5908e182945444f1d7cb9e309a17657ead450c71
SHA5126d02e195f5139fd75788f4dd729c117b636f24e1eb22976f048b3e68183a49ec491fbe3d37b292a843d5fa36edf31918c1febe33f7c69c03aa1bfd964c258793
-
Filesize
512B
MD5160b7c9a635be7a4c7b8d796b0b3182f
SHA1f541fc4eb691146ff8956af04d29a562c6a79236
SHA2564391810121f4d10947cbb801d3d305f9130dd25f422eafee352273c667b20215
SHA5126dcb3ec66048548bcd01cc4bc78908f988e57a61d54882422d4b472238628219307ea2d75351579eb9eced2b232edfaf2d1a3001b008c66eabfa8bb4d36356e8
-
Filesize
68KB
MD56267bfa4cf580d55c190f98d67fb1045
SHA1aec4ef2248c15458ca3d0c251b7197b2dbd2a6f1
SHA256d26de62374bce7cb8e832e9f8244cfa2b879e253a667e4f176a54f70026f79e8
SHA512723805d9221026b19ab007c7cd4bea1742b1ca8597cf286c9e27d8921093bbae8921f622e61ddf22c17299f5ce48b8a3751da402debf3ce7418a0dae30b7822e
-
Filesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
16KB
MD5a5f5351a51a0b1d5e2f05f3517f2a840
SHA1dd3b0981a1c69df1a1d4582e6836613f4619e5a0
SHA256617a35e5b4a639ff58e80d080bed8b093b6460be6b9e3031f39bbbe9a64f541c
SHA5128aea6907a2132adde0eb1b4015ec2be0d4d0cd3f2f4a61d72659dcd81970dcacaa1af607861be467f0498dc1c155192689d296d92a37a51cb167576b406c7763
-
Filesize
16KB
MD525416fc8ba19f4ccb342b24467d22572
SHA195f340e5a02ec7e05449ee7fa49bee7c07b99b91
SHA2566e028a9f466abec41ce6db35426ac8a55bbe3c676373cc8d1715c55f761ae60c
SHA5124c5ef5af7e3cd6952680fc3b946efdda17c7a5176ad482d20af53a83927f252f5915dcbaf524fdf75160224b9d3cef889b2c2534a9049c2c047b32af28c17861
-
Filesize
16KB
MD5b8243c3fb2f64cb80f80db8b6736561a
SHA18f5d8841fb26bda0c9505fe11508d278c5746381
SHA256f33a533660faa9ee0c5b4d7a78f239f94973a9dfb9de91fb91ecc93a1142e46f
SHA512c72adbd30af86992fc3d0d791afeb84147825965f4e9e80bf5b10519465acf20ece033a284702353b8fe7327d572d8436ff471a4da6439a3827e2633578634dd
-
Filesize
16KB
MD53b1521464c789b681f6f1c424def3275
SHA1a8f4cd8d5c13bc401bab8436f919035e6f5012bd
SHA256744455b14e8179773f857323296912cbed8fffa43ba621befc75ee99c9d3e7be
SHA512191332e72fad776cddbbb5628ac641630626b267c42c9ebf824651c02af715068b99761e80f0d644d21f60f23230f490a0ae49e8111da27e3171af689eaf61cd
-
Filesize
16KB
MD5ade57a9892c105eb146676b760e41e1a
SHA14ae761adbe22de8b6979c1e3b6f9129ab8ff2c11
SHA256273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6
SHA512aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc
-
Filesize
512B
MD5c0cd859f47ba04f91bfb31d126dceb21
SHA10d5ae21baba85b4a85788cf538644b55d5a2fae0
SHA2569c21f376ab20b3038f6695eaed3015bb45dd667b4439fa9fb647fc85389d4cc9
SHA512e6dcb9a5cb929a4e32cd9e023b0d1fbd1a594930e51a47f771315fd140b28edfd2fefaef4f6bb3af5e805696c6f398657244febf205a08a79f2fcd88ec775031
-
Filesize
36KB
MD553811100216fe38e2ca7ab153dbddcf7
SHA1de1e68256559be48d2e18dc9a24ea38e5dbfc22e
SHA2563683c8f4695d6cf5e26165acbea750c9efd4a3d0f0224f7cebbe51690a2e7178
SHA512a4055c0d47d677ac2d9bb58ff997afb9083e7a0be0d529c223cfdd1966c802b5aa858bfaa8fb785a3f86009b0e339fa42f9a219b84b4848d950412806c943fd6
-
Filesize
4KB
MD548fbda7bfa6616759b81abc5c8fbfa41
SHA1437348daf556ea98f024ea2160402f5807a0ec68
SHA256b3b92577f36f9e393c69b7593a51138a0c92f48566cf57031ca8f7b5b2ec7837
SHA512cba95c62bfc46c7961e7b33387614932f36e4b801ec044aba78756613a925ab340f0cb674810a0de0384cffc3d35aa939091c3593e07fcbe1dfa2677c8ed8833
-
Filesize
4KB
MD55c977ee7b9e76d547107432dde20df70
SHA115be380744b969e0bd24d07214cff2b16f233815
SHA256c38acd29ddb0b80d4bcd99bbeba1260a951166b4e4718ba74f58b3a53c83d187
SHA5126a9f64b45d81f76cb8f8a468d18c3489fd965e0a58ef6c840604b789777c0c4e58f443c62d51e145b9f8fe69e0c73a6afa8e64eb2229cbb2475607fb82308871
-
Filesize
4KB
MD5d280a089f5e2a78dafa385611ca0e660
SHA14b53048c8c21e225ff99199abb70ce27f5ed2eab
SHA256948583fc6d31577836e9ac25b5fd223c66e9faffd85be00bf98e175e645ba217
SHA5120fc54aa489861ed2b71588a76b6dab5ad5a9ed907c6affdde91f1d2d3fdf0bbfa1e253aeca8f3d66f0a89cc955ad3751e822eac8dde19d55729a8538e9834bf5
-
Filesize
4KB
MD54f6fd60bc1c3eba84ba910604396005e
SHA14113effbe807e44f942e365213d5324a5d9ce2f5
SHA256eae5d52897354a3e37105fd5e0a3aa60cb27438a8bf4756604eb4a6a9139def3
SHA512de12c6ad8ed3daab2eb17c2e92807912dbce862760c36e41ab15d4eabfa9f8c8ab2f1fa37516a979f6becbd48601d3aa2ee2244873980e351b31ff5bcc987582
-
Filesize
4KB
MD5df225695c4470165ec8855c2850197ca
SHA1f9c96020bcb0a40c6c804b58ed1da855ef951c09
SHA256783755766cb0d8b1290499590955c3f45e602ecd2d698deaf30fea6aa03f6107
SHA51227e71ca3694193c680a17c131e8635bc189b76707272c9cdd29e6f279d8e0c367cb5502bdeff7667aafd42af6deec4b62f57cda565c6a6bb7dd4b605733b6a31
-
Filesize
710B
MD59a2d54bacb626883c1842a223bc91b58
SHA1c73755bcdf660556e68b159f6659bbaa70031e8a
SHA25675631acd1c7c5010e699410a6efbe823fe27b6e13a20f30e19c04d2fa22ca143
SHA512a754acd41d7f68fe0a09bb83cd495d79f735ff9f20fa4f363122163292b09df80983e71eb313effe44077168aed038abb5a3b95da7a26980efccf6fba9ca3a5c
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661DDD7B030200011061D5B53C3BF957.temp
Filesize 438B
MD5 1262798fea503582add8d9979687c5d0
SHA1 08200cee81fb83a11816b973dbcfa5a2cc416eef
SHA256 400dd0c46a43a7dd7491885648c521cfc2f4a36a2d63e13fa166ad739ae2973d
SHA512 6560650bb9ce93af953b76594d1c26faec32d777e2a866657d2372712e2c87b69989a8112cd172c43f1cff7949d054b32ef9df43b7edfdabdbdeaa0a96bd4e4e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661DDD7B030200011061D5B53C3BF957.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661DDD7B030200011061D5B53C3BF957/report
Filesize 732B
MD5 e933c660db4a8644d4202764d16ebf03
SHA1 6f2fd490bdc919980d91de1473189cffaade19d6
SHA256 5705f8744a01a6cd91199a98a2c1e1386e04661e93b41490ce7173d9c4fcd4e2
SHA512 a986a3d617630cb55969154002f82e3e9eb5e3f7c9a230c32cd32fdb1f5f30357388990a0a9115707a4f697a039cf6d9f4703618b1ef28ea526cca2fc37ed639
-
Filesize
564B
MD500306767785c879e6aeb21e145229f4a
SHA11d225e2c8d22cd4f35fecd4ad62f5a879f998b75
SHA25698d73ee273444f926d32e3fd123ea91ed65346addabe828b2987fc9833bb845e
SHA512d485c15e13f3fded73664c1a8b0ed6091e86469b82bf82c386e7443abce74bd48fd2a5fd95f0f0aa04f903c783c84a434aea4b5043d726ccccea13e386018581
-
Filesize
90B
MD53730c7331b577d9083c8b4d23900372f
SHA12551b3d1a078d2a345719a45f9e4dadbe5cb99b2
SHA25669bd4e256292ae735d4860d78ebcd5603c689af43651fc9c4ac2d1ecdca262da
SHA512da9cc8ba568844fb12aba7a7883cc4ed9c9dd0261ddaa65ddf7ec3871ebfe354057023385d8365b87633e11dbf11a41b621f34dbaa3d05ccb7940ecc3346e66b
-
Filesize
36B
MD59bde7080f77f83bedf119d70625e21e8
SHA1ebf6de5b7b15d49d6a351c94c8249289db9d3340
SHA256d9eb9e9305c98266a54db615395ad8ac908d8c13338c3cae5d965d6e72d3a35e
SHA512adb341b749db0882416c808aace23d621679fc9e245ebe41205aee072ec928d8e1c3488e9d061225d4726c4354856a210e19e7c778460f95c5fb659cfad58b64
-
Filesize
512B
MD51c42bb35e2905df50be78e36ad9ce2a1
SHA10bece5699c286a5b4025613fe1cff865c5ad317d
SHA256a4960b49e6f3623da835b0615899db57c2937406fb53c06c7e1bae822ca32774
SHA5127c675c36e53615921cf5474ac94a1c7f611ff9036e055b6ecf6880d5e14ab886d61532c19162e0e13a87ecdfae932f12aad5a47250f84deddb51a32410cda596
-
Filesize
16KB
MD52541effe576bca117b18c01cbde79be5
SHA1462274794c44528d3928444656e48524b87d7570
SHA256d8d26255e7540e37c20089df1fa03a6e7913cc3f29de4ae8bb16b9525e58e703
SHA5125a5f522f1f8bb0ba6739bb10ff17efbf3274434585543cbf10b64d77fc291a1761d3c1ef2b599df019ccd4e77df5857f17c4e356322243ebceb0c9c5bd584f83
-
Filesize
108KB
MD56ac3e86583eaf6b21da2041a01852a60
SHA17e7c57b9743ba3d7714af572057a80e6c13384da
SHA25685583e9fafab1fdd452de3613a4da883765fdf286a10ba10dbbf49d6822cf050
SHA512a009cb5e8eb7e45155a7e01ee098d0230c2b68d9da67770a0f10b8e5d8a7ba58fecfb706cc09e5ef1a9e7b8bf0fbdfa03d193686e50959d6cbd6b1361b02aaa5